Recenlty I have been involved at a customer where we deployed a new NetScaler pair with the latest and greatest firmware version. We ran into an issue with certificates. In this blog I will talk about the issues we ran into and how you can solve them.

When running NetScaler firmware and you want to install a PFX certificate there is a possibility that you receive the following error (No certificates present in the certificate bundle file):

If you do succeed to install the PFX on NetScaler you might get an error whilst binding the certificate to a vServer:

Certificate is not server certificate


These errors seem to be a bug in the GUI of NetScaler. You can solve this by doing the following:

  • Upload the certificate file to /nsconfig/ssl
  • SSH into NetScaler and run: add ssl certkey <name_of_certificate> -cert /nsconfig/ssl/<Name_of_pfx> -key /nsconfig/ssl/ <name_of_pfx) -password <enteryourpasswordhere>

After running this on the CLI you are able to bind your certificate to vServers again.

Hope this helps you in adding certificates to your NetScaler again!

<UPDATED: 24-07-2018 - Changed command to add ssl certkey due to recent comments, my bad, I think it was a typo! </UPDATED>


Comments powered by CComment