Convert Unsupported Certificates to Use in HMP 4.0+
With the upgrade to OpenSSL 3, HMP 4.0+ does not support PKCS#12-formatted certificates that were generated using older versions of OpenSSL. When uploading such a certificate, if you get an "Error verifying uploaded file" like shown the following image, use the instructions below to convert them to the proper format.
To convert them for use in HMP 4.0+:
- SSH into your HMP and upload your certificate.
Run the following commands:
CODEINPUT_FILE=<input-file-here> openssl pkcs12 -in $INPUT_FILE -out tmp.crt -legacy -nodes # The resulting tmp.crt file should be importable by HMP, but # if an updated PKCS12 file is preferred, run: openssl pkcs12 -export -in tmp.crt -out fixed.pfx
- Download the resulting
tmp.crt
orfixed.pfx
certificate and add them to HMP's Certificates section as described in Importing and Activating a Certificate. Remove the temporary files from your system:
CODE# remove temp files rm -f tmp.crt rm -f fixed.pfx