Failed to create certificate request - countryName

  • 7023362
  • 18-Sep-2018
  • 18-Sep-2018


Privileged Account Manager


Unable to create a Certificate Signing Request (CSR) from the Hosts Console
The following browser dialog error when requesting a certificate for the framework manager console:
Failed to create certificate request

The following is found in the unifid.log:
Error, Error adding attribute countryName to request
Info, SSL Error: error:0D07A097:asn1 encoding routines:ASN1_mbstring_ncopy:string too long
Info, admin certRequest client:localhost user:admin@<hostname>( rc:0 status:500(Failed to create certificate request) (66ms)[42078208:42078208]<90112><327680>


The Country field of a Certificate Signing Request should be a 2-character ISO format country code.

More details can be found from documentation provided by the Certificate Authority (CA).

The following is a list of SSL Certificate Country Codes provided by Digicert as an example:


Invalid details provided in conflict with the certificate authority documentation.