[BlueOnyx:16056] Re: FW: Re: Imported Renewed SSL

[Michael Stauber]

Hi Richard,

> Can anyone help with this at all? Can't work out what is wrong.

Without more details I can't work that out either. The code that handles
the uploaded certs for 520XR is this:

http://devel.blueonyx.it/trac/browser/BlueOnyx/5207R/ui/base-ssl.mod/ui/chorizo/web/controllers/uploadCert.php
starting at line 142.

The uploaded file must have the file extension txt, csr, cert or crt. If
the upload failed (see line 154), the error message
[[base-ssl.sslImportError4]] is raised in the GUI and in /var/log/messages.

In English that would be: "Unable to read uploaded certificate. Please
try again."

If the file upload finished without errors, then a Perl script is run
(see line 162) that does the actual import. This does further
verification as well, such as if the uploaded file contains a valid
certificate.

If *that* runs into an error, the error message
[[base-ssl.sslImportError$ret]] is raised both in the GUI as well as in
/var/log/messages. The actually shown message depends on the return code
of the script and has 13 different error messages associated, ranging
from ...

"Unable to upload the new certificate."
"The specified site does not exist."
"The certificate is not a valid SSL certificate."
... to ...
"Could not add the certificate authority to the certificate authority file."

If all went well, the temporary file from the upload is deleted (the
Perl script does that on successful imports, too) and you're redirected
to /ssl/siteSSL?group=$group (line 171).

So first things to check: Does the uploaded file have the supported
extension (txt, csr, cert or crt). If not, rename it.

If it has, upload. If the error persists, check /tmp/ for the temporary
file associated with the upload. It will have a cryptic name, so go by
file date. Check if the contends of the file match the contends of what
you have uploaded.

-- 
With best regards

Michael Stauber