Unsolved
July 28th, 2022 13:00
Understanding Dell Switch N20xx HTTPS certificate handling (CSR, PrivateKey, CER, etc...)
Hello to all,
I am trying to secure access to my N2024/2048 Power Connect switches with an SSL certificate (not self-signed).
I have created a CSR via the CLI. I sent it to our internal CA (WinSer2019) to be created/signed using NDES (I tried 2 templates). Anyhow, I got the CSR back.
The private key (Which has been updated when I had to create an auto signed certificate prior to starting the process).
The CSR matches the CERT. The private key (Present in the flash://sslt_key1) matches the CERT...So far, so good... so it seemed. I've tried to import it and to transfer it with similar results.
After reenabling HTTPS, I always end up with the "NET::ERR_CERT_INVALID" on my browser (Edge or Chrome) with no capacity to go any further. The cert seen on the webpage is the right one + the chaining cert (CA)
If everything matches, what part am I missing for it to work?
I wish we would have a domain other than ".local" so I could get a public cert with its own private key that could replace the one in the flash://. But this is another "fight for another day"...
I am running 6.7.1.9 (6.7.1.1 yielded the same results).
Side notes: the key for SSL in the flash:// has a "-----BEGIN PRIVATE KEY----- -----END PRIVATE KEY-----" not "-----BEGIN RSA KEY----- -----END RSA KEY-----" ?!?!?! I tried to convert it with OpenSSL 3.x but the resulting file is identical to the source file.
"openssl rsa -in sslt_key1.pem -out private_rsa.key"
sslt_key1.pem is exactly the same as private_rsa.key.
I've tried to import the CERT only (Via CLI), import the Cert + Chained Cert (Via CLI) and import the CERT, the Chain Cert and the Private Key (Via CLI) with the same result.
Thank you for some guidance,
EC
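The match check and the key-header question from the post above, as an added example that is not part of the original post: it compares the public key carried by the key, the CSR and the certificate, and shows that "BEGIN PRIVATE KEY" is the PKCS#8 container, which OpenSSL 3.x `openssl rsa` writes unless `-traditional` is given. The file names and hostname are constructed, and a self-signed certificate stands in for the CA-issued one.

```bash
#!/usr/bin/env bash
# Added example (not from the post): key/CSR/cert consistency and PEM key format.

# Report the key container format from the PEM header line.
pem_key_format() {
  case "$(grep -m1 -e '-----BEGIN' "$1" | tr -d '\r')" in
    '-----BEGIN PRIVATE KEY-----')           echo pkcs8 ;;
    '-----BEGIN ENCRYPTED PRIVATE KEY-----') echo pkcs8-encrypted ;;
    '-----BEGIN RSA PRIVATE KEY-----')       echo pkcs1 ;;
    *)                                       echo unknown ;;
  esac
}

# SHA-256 of the public key inside a file. Usage: pubkey_hash key|csr|cert FILE
pubkey_hash() {
  local pub
  case "$1" in
    key)  pub=$(openssl pkey -in "$2" -pubout 2>/dev/null) ;;
    csr)  pub=$(openssl req  -in "$2" -noout -pubkey 2>/dev/null) ;;
    cert) pub=$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null) ;;
  esac
  [ -n "$pub" ] || return 1   # unreadable file must not hash as "empty"
  printf '%s\n' "$pub" | openssl dgst -sha256 | awk '{print $NF}'
}

# Succeeds only if all three carry the same public key. Usage: all_match KEY CSR CERT
all_match() {
  local k c x
  k=$(pubkey_hash key "$1") && c=$(pubkey_hash csr "$2") &&
    x=$(pubkey_hash cert "$3") && [ "$k" = "$c" ] && [ "$k" = "$x" ]
}

# Rewrap a key as traditional PKCS#1 ("BEGIN RSA PRIVATE KEY").
to_pkcs1() { openssl pkey -in "$1" -traditional -out "$2" 2>/dev/null; }

# Constructed sample material: throwaway key, CSR, self-signed stand-in cert.
make_sample() {
  openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out "$1/key.pem" 2>/dev/null &&
  openssl req -new -key "$1/key.pem" -subj "/CN=switch.example.local" -out "$1/req.csr" 2>/dev/null &&
  openssl x509 -req -in "$1/req.csr" -signkey "$1/key.pem" -days 1 -out "$1/cert.pem" 2>/dev/null
}

demo() {
  local d; d=$(mktemp -d) && make_sample "$d" || return 1
  echo "key as generated:  $(pem_key_format "$d/key.pem")"
  all_match "$d/key.pem" "$d/req.csr" "$d/cert.pem" && echo "key/CSR/cert:      same public key"
  to_pkcs1 "$d/key.pem" "$d/key_rsa.pem"
  echo "after -traditional: $(pem_key_format "$d/key_rsa.pem")"
  rm -rf "$d"
}
demo
```

Both encodings hold the same key material, so the public-key hash is unchanged by the conversion.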



DELL-Joey C
Moderator
July 28th, 2022 21:00
Hi,
For your issue, it might be beyond the capability of the community's feedback. I spoke to one of the network support engineers; they suggested giving support a call and logging a ticket to have them check your environment and configure accordingly, as if the steps are done wrongly, you may need to reconfigure from the beginning.
EvilChuck
August 3rd, 2022 05:00