Haivision Media Platform

Convert Unsupported Certificates to Use in HMP 4.0+

With the upgrade to OpenSSL 3, HMP 4.0+ does not support PKCS#12-formatted certificates that were generated using older versions of OpenSSL. When uploading such a certificate, if you get an "Error verifying uploaded file" like shown the following image, use the instructions below to convert them to the proper format.

Certificate_Error.png

To convert them for use in HMP 4.0+:

  1. SSH into your HMP and upload your certificate.

  2. Run the following commands:

    INPUT_FILE=<input-file-here>
    openssl pkcs12 -in $INPUT_FILE -out tmp.crt -legacy -nodes
    
    # The resulting tmp.crt file should be importable by HMP, but
    # if an updated PKCS12 file is preferred, run:
    openssl pkcs12 -export -in tmp.crt -out fixed.pfx
    
  3. Download the resulting tmp.crt or fixed.pfx certificate and add them to HMP's Certificates section as described in Importing and Activating a Certificate.

  4. Remove the temporary files from your system:

    # remove temp files
    rm -f tmp.crt
    rm -f fixed.pfx