'Importing the csr response failed'

Forum|Forum|9 years ago
May 20, 2017
1 reply
6612 views

I've seen discussion in the forums about renewing a certificate and coming across this message, but I don't immediately see anything about when this is a new certificate being installed. I've acquired a signed certificate from a trusted authority but when I import the certificate I get the 'importing the csr response failed' message. I'm just not totally clear on how to approach this, any thoughts / advice would be very much appreciated?

Cheers!

emnoc

New Member

Questions & tips

Are you importing a CSR or CERT ( I think your meant cert ) ?

Doe the certificate have the key already in the fortimail?

Can you use a opensource tool to check the cert/priv-key pair ? I like openssl but you can use a online cert-checker server but I hate pasting a key in some one else tool

e.g openssl

openssl x509 -in <certname> -noout -modulus | openssl md5

openssl rsa -in <keyname> -noout -modulus | openssl md5

Does the 2 hashes match ?

Is the cert proper format with regards to subject fields C= ST = L= O= CN= etc.......

ken

kayescomputersAuthor

New Member

I am importing a cert, yes. The error message I get though is 'failure to import csr response'.

Not sure how to tell if the certificate has the key to be honest? Basically, I generated the csr from the FortiMail unit and submitted to the signing authority. I received an intermediate certificate and a root certificate back from the signing authority... pretty much where I'm at. Can't quite figure what's causing the error message to be thrown.

Cheers - MT

Bromont_FTNT

Staff

The intermediate and root certs from the CA would be imported under the CA Certificate tab.... If the CSR was generated on the Fortimail then you shouldn't have an issue the signed cert from the CA. You should still have one in there showing "pending"

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded