Directory Server 5.2: 2048-bit Key SSL Certificate Installation Problems.
Last updated on MAY 17, 2018
Applies to:Oracle Directory Server Enterprise Edition - Version 5.2 SP6 to 5.2 SP6 [Release 5.0]
Information in this document applies to any platform.
You will have issues when using openSSL to generate a server certificate using 2048 bit key length for use in the Directory Server, the issued certificate fails to properly import to the DS. Here were the steps taken:
1) Generate csr from openssl command line: openssl req -nodes -newkey rsa:2048 -keyout /tmp/ls2dev.key -out /tmp/ls2dev.csr.
2) Submit csr to The public CA for signed cert. Then try to install via GUI - Manage Certificates.
3) While trying to install the server Cert you get the error:
Private key not found
Either this certificate is for another server, or this certificate was not requested using this server
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms