Unable to import the "CA Reply" when the key pair was generated using an alias that contains dots

  • 7013483
  • 19-Oct-2013
  • 29-Jan-2014

Environment

Novell Filr 1.0.0
Novell Filr 1.0.1

Situation

After generating a "New Certificate (Key Pair)" for the Filr Appliance, with an alias that contains dots (for instance filr.novell.com) a "Certification Request" is performed trough "Generate CSR". The generated .csr file is then sent to a CA company which in turn provides a .crt file.

When importing the .crt via "Import CA Reply" an  error is shown: "An error occurred importing the key pair file.  See server logs for details."

Resolution

A fix for this issue is available in the Filr 1.0.1 Hot Patch 1, available via the Novell Patch Finder.

Cause

The management console of Filr was interpreting the alias as a file name, removing the last portion (.com) as file extension.  So the filename: "filr.novell.com" became the alias: "filr.novell".

Additional Information

The /var/opt/novell/jetty8/logs/jetty.log shows the following error: "08:59:00.274:WARN:oejs.ServletHandler:/vaconfig/certificates/csrresponse/Jetty/filr.novell.com
com.novell.admin.common.server.datamodel.beans.DataModelException: Alias name doesn't exist: filr.novell".