Hi all, i have just purchased a wildcard from commodo and im struggling to add it to Nethserver, i upload the key and the certificate and each time it says the key is wrong even though i have generated it and the csr, uploaded the csr to commodo and got sent the certificate.
i have tried renaming them, checking they are in PEM format.
what am i missing
thanks
Hi Robert,
some certification authorities require also the upload of a chain file, a third field after the private key and the certificate. All three files must be PEM-encoded.
See also TLS certificates — NS8 documentation
You could check key/cert manually using openssl, see for example How do I verify that a private key matches a certificate? (OpenSSL) | Sectigo® Official or Frequently used OpenSSL Commands
It’s not recommended but for testing you could disable the verification in the traefik app, see GitHub - NethServer/ns8-traefik: NS8 Traefik configuration
Thanks, have confirmed the key is correct. the only thing is that is has a passphrase would that make a difference in getting it on Nethserver. i have the passphrase so thats not an issue
the on
I think a passphrase could be an issue as you would need to enter it on a service restart which isn’t possible.
Could you try it without a passphrase?
