My Oracle Support Banner

Directory Server 5.2: 2048-bit Key SSL Certificate Installation Problems. (Doc ID 1312440.1)

Last updated on MAY 17, 2018

Applies to:

Oracle Directory Server Enterprise Edition - Version 5.2 SP6 to 5.2 SP6 [Release 5.0]
Information in this document applies to any platform.


You will have issues when using openSSL to generate a server certificate using 2048 bit key length for use in the Directory Server, the issued certificate fails to properly import to the DS. Here were the steps taken:

1) Generate csr from openssl command line: openssl req -nodes -newkey rsa:2048 -keyout /tmp/ls2dev.key -out /tmp/ls2dev.csr.
2) Submit csr to The public CA for signed cert. Then try to install via GUI - Manage Certificates.
3) While trying to install the server Cert you get the error:

Incorrect Usage
Private key not found
Either this certificate is for another server, or this certificate was not requested using this server




To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.