"PKI_E_EXPECTING_CERTIFICATE, Error: -122" error importing PFX file into Admin Console Certificate Store

  • 7015532
  • 14-Aug-2014
  • 14-Aug-2014


NetIQ Access Manager 3.2
NetIQ Access Manager 4.0
NetIQ Access Manager Administration COnsole


NAM admin wanted to import a wildcard verisign certificate into the certificate store using the Admin Console. This VeriSign certificate includes all of it's intermediary certs and the private key. After selecting the certificate (in PFX format) to import under the Certificates -> Import field, and adding the correct password, the following error message was returned:


This message is reported as

PKI_E_EXPECTING_CERTIFICATE - Static variable in class com.novell.security.japi.pki.NPKIAPI An attempt to store a certificate or a certificate chain with an invalid encoding into a Server Certificate object was made. The certificate uses signature algorithm RSA SHA1.


Import the PFX file into Internet Explorer and re-export it again as a PFX file. Once done, this new PFX file can be used to successfully import into the NAM Admin Console.