Directory Server 5.2: 2048-bit Key SSL Certificate Installation Problems. (Doc ID 1312440.1)

Last updated on OCTOBER 11, 2016

Applies to:

Oracle Directory Server Enterprise Edition - Version 5.2 SP6 to 5.2 SP6 [Release 5.0]
Information in this document applies to any platform.

Symptoms

You will have issues when using openSSL to generate a server certificate using 2048 bit key length for use in the Directory Server, the issued certificate fails to properly import to the DS. Here were the steps taken:

1) Generate csr from openssl command line: openssl req -nodes -newkey rsa:2048 -keyout /tmp/ls2dev.key -out /tmp/ls2dev.csr.
2) Submit csr to The public CA for signed cert. Then try to install via GUI - Manage Certificates.
3) While trying to install the server Cert you get the error:

Incorrect Usage
Private key not found
Either this certificate is for another server, or this certificate was not requested using this server

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms