Hi, I have a ssl wildcard certificate for my domain issued by Symantec. I can't import it to qnap (version 4.3.3). The machine says that the certificate is "illegal".
Any thoughts? Thank you in advance.
Wildcard SSL certificates
- schumaku
- Guru
- Posts: 43578
- Joined: Mon Jan 21, 2008 4:41 pm
- Location: Kloten (Zurich), Switzerland -- Skype: schumaku
- Contact:
Re: Wildcard SSL certificates
You have the two (resp. three) part required in PEM format - the certificate, the non-encrypted/password-less private key, and the chain file?
-
- New here
- Posts: 4
- Joined: Mon Jul 15, 2013 10:20 pm
Re: Wildcard SSL certificates
I think so, I followed the instructions as per https://advancedhomeserver.com/qnap-ssl-management/, so I have a *.crt and a *.key file ascii files (and they don't have a password).
Do I need the intermediate certificate from the CA?
Thanks.
Do I need the intermediate certificate from the CA?
Thanks.
-
- New here
- Posts: 4
- Joined: Mon Jul 15, 2013 10:20 pm
Re: Wildcard SSL certificates
I have tried to import it with the corresponding intermediate certificate but no luck. Still "illegal".
-
- New here
- Posts: 4
- Joined: Mon Jul 15, 2013 10:20 pm
Re: Wildcard SSL certificates SOLVED
I managed to make it work by copying the *.cer file generated by openssl and pasting only the section between "BEGIN" and "END" into a new *.pem file.
In a previous version of QTS you had to paste the text directly so It was clearer that only the section between BEGIN and END was valid. The present version of QTS lets you upload the files, so you have to have a "clean" file.
Hope my experience helps someone else out there.
Cheers!
In a previous version of QTS you had to paste the text directly so It was clearer that only the section between BEGIN and END was valid. The present version of QTS lets you upload the files, so you have to have a "clean" file.
Hope my experience helps someone else out there.
Cheers!
-
- Getting the hang of things
- Posts: 91
- Joined: Tue Feb 22, 2011 4:03 pm
Re: Wildcard SSL certificates
I just got this error (or something similar).
When I created my key/CSR, I was prompted for a passphrase (to secure the key?)
Using the generated key, and cert, resulted in an "illegal" error.
I recreated a new key/CSR, without a passphrase, and requested a new certificate. The process worked, and was accepted by my QNAP.
I vaguely remember having to convert the key file last year, by supplying the passphrase, but can't recall how...
When I created my key/CSR, I was prompted for a passphrase (to secure the key?)
Using the generated key, and cert, resulted in an "illegal" error.
I recreated a new key/CSR, without a passphrase, and requested a new certificate. The process worked, and was accepted by my QNAP.
I vaguely remember having to convert the key file last year, by supplying the passphrase, but can't recall how...
TS-670 Pro (4.2.0 Build 20160311)
TS-559 Pro+ (Somewhere between 3.8.4 Build 20130816 & 4.2.1 Build 20160601)
TS-469L (4.2.0 Build 20160311)
TS-269L (4.2.0 Build 20160311)
TS-559 Pro+ (Somewhere between 3.8.4 Build 20130816 & 4.2.1 Build 20160601)
TS-469L (4.2.0 Build 20160311)
TS-269L (4.2.0 Build 20160311)
-
- New here
- Posts: 2
- Joined: Mon Sep 29, 2014 5:15 am
Re: Wildcard SSL certificates
I tried to import Wildcard SSL into QNAP and unfortunately the dialog error was displayed illegal. Please let me tell you how to import step by step and thank you very much.
-
- New here
- Posts: 2
- Joined: Mon Sep 29, 2014 5:15 am
Re: Wildcard SSL certificates SOLVED
I tried to import Wildcard SSL into QNAP and unfortunately the dialog error was displayed illegal. Please let me tell you how to import step by step and thank you very much.blixa wrote:I managed to make it work by copying the *.cer file generated by openssl and pasting only the section between "BEGIN" and "END" into a new *.pem file.
In a previous version of QTS you had to paste the text directly so It was clearer that only the section between BEGIN and END was valid. The present version of QTS lets you upload the files, so you have to have a "clean" file.
Hope my experience helps someone else out there.
Cheers!