Hivemanager NG - GoDaddy certificate

  • 1
  • Question
  • Updated 2 years ago
Hi,

We are trying to upgrade to Hivemanager NG. With HM6 we used a godaddy certificate in combination with an aerohive ap as radius.

For the moment I'm stuck because we can't upload all our certificates. (only the pem file) We also having two crt files. I have tried to convert them with openssl but the hivemanager gives the following error if I try to use them:
Root CA gd_bundle-xxxx.pem and certificate de4829xxxxxx.pem do not match.

I have used the following commands to convert:
openssl x509 -in input.crt -out input.der -outform DER
openssl x509 -in input.der -inform DER -out output.pem -outform PEM

Thanks a lot
Photo of Jonas Dekkers

Jonas Dekkers

  • 152 Posts
  • 29 Reply Likes

Posted 3 years ago

  • 1
Photo of Jonas Dekkers

Jonas Dekkers

  • 152 Posts
  • 29 Reply Likes
Can someone help me with this?
Photo of Nick Lowe

Nick Lowe, Official Rep

  • 2491 Posts
  • 451 Reply Likes
The error suggests that the certificate does not derive from the root or an intermediary is missing such that a chain of trust cannot be verified.

In the first instance, validate that you have the correct root certificate for the certificate you have been issued and that appropriate intermediaries are present.

Also ensure that any superfluous certificates are not present.
(Edited)
Photo of Jonas Dekkers

Jonas Dekkers

  • 152 Posts
  • 29 Reply Likes
Hi Nick,

Thanks for the support. But our certificates are working in hmol6. So I don't think the certificates are the issue.

Maybe something went wrong with the convertion from crt to pem. Is this possible?

Also I don't know why we can't upload the .crt files anymore in Hivemanager NG. Hivemanager NG says that the import went well but the .crt files aren't displayed.

Regards
Photo of Nick Lowe

Nick Lowe, Official Rep

  • 2491 Posts
  • 451 Reply Likes
I suggest that you validate that the certificates are ok in OpenSSL rather than assuming this.
Photo of Jonas Dekkers

Jonas Dekkers

  • 152 Posts
  • 29 Reply Likes
Thanks I will check the certificates with OpenSSL.

Is it a bug that we can't upload crt certificates on Hivemanager NG? (under Common objects --> Certificate management)
Photo of Tom Guiter

Tom Guiter

  • 1 Post
  • 0 Reply Likes
Hello,
we have the same problem here with hivemanager ng. Are you got a solution ?
Photo of Nick Lowe

Nick Lowe, Official Rep

  • 2491 Posts
  • 451 Reply Likes
Have you seen the following thread? (At the end...)

https://community.aerohive.com/aerohive/topics/radius-cant-import-external-certificate-for-radius-ae...

I suspect that you may need to convert from CER to PEM.
(Edited)
Photo of Jonas Dekkers

Jonas Dekkers

  • 152 Posts
  • 29 Reply Likes
Name must be less than 16 characters and you need to convert it to a pem format indeed.