Skip to main content

Convert Unsupported Certificates to Use in HMG/HSG 4.0+

With the upgrade to OpenSSL 3, HMG/HSG 4.0+ does not support PKCS#12-formatted certificates that were generated using older versions of OpenSSL. When uploading such a certificate, if you get an "Error verifying uploaded file" message, use the instructions below to convert them to the proper format.

To convert them for use in Gateway 4.0+:

  1. SSH into your Gateway and upload your certificate.

  2. Run the following commands:

    CODE 
    INPUT_FILE=<input-file-here>
openssl pkcs12 -in $INPUT_FILE -out tmp.crt -legacy -nodes
 
# The resulting tmp.crt file should be importable by HMG/HSG, but
# if an updated PKCS12 file is preferred, run:
openssl pkcs12 -export -in tmp.crt -out fixed.pfx
  3. Download the resulting tmp.crt or fixed.pfx certificate and add them to the Gateway's Certificates section as described in Importing and Activating a Certificate.

  4. Remove the temporary files from your system:

    CODE 
    # remove temp files
rm -f tmp.crt
rm -f fixed.pfx
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close