NAM Access Manager Console returns "PKI_E_PARSE_CERTIFICATE error -1240" while trying to import a certificate

Document ID:7018791
Creation Date:11-Apr-2017
Modified Date:01-Jun-2017
- Micro Focus Products:
  Access Manager (NAM)

Environment

NetIQ Access Manager 4.x

Situation

When trying to import a certificate in Base64 format, it fails, throwing the error: "Error importing signed certificate: Error: PKI_E_PARSE_CERTIFICATE, Error: -1240".

Resolution

Remove all information outside the following delimiters: "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----"

Cause

While it is allowed to have additional human-readable information included in a certificate file like attributes, subject and issuer, the certificate file when importing should not contain any information outside the "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----" delimiter.

This additional information can be added by the openSSL process to generate a certificate out of a public/private keypair (PKCS#12 format).