Tuesday, March 01, 2016

Cannot add certificate to Netscaler

Recently I blew the dust off my lab environment and decided to look into configuring ADFS proxy through Netscaler.  The first task of this install is to install a publicly trusted SSL certificate on the Netscaler.

Once I created a CSR and got it signed by my CA I was ready with the files I needed, namely

  • A PFX file (private key which is used to decrypt SSL traffic on the Netscaler)
  • CA bunlde (files which are used to encrypt traffic and for clients to decide whether to trust their connection to me)
When importing the files onto the Netscaler, I kept getting the following error message.

"Invalid private key, or PEM pass phrase required for this private key"

Quick Google search reveals an old CTX article.

The resolution is to export the private key to a new file on the shell of the Netscaler.  This didn't really satisfy my curiosity as to why this error was occurring.

After a bit more Googling I found the following CTX. 


This article explains that you can manually import the PFX file, but in a format that the Netscaler will be able to use.

Once this task was completed, adding the certificate bundle to this PFX file worked perfectly.

Sam




1 comment: