PowerVault ME5: Creating CSR on an array using spaces between the Subject and extensions

Summary: This article covers how to create Certificate Signing Request (CSR) with spaces and special characters on ME50xx storage.

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Symptoms

Encountering issues while attempting to generate a Certificate Signing Request (CSR) on an array containing spaces and special characters.
Example below: 
# create certificate-signing-request subject /O=A. ROYHR North. Game & Co. BG/OU=IT/L=Texas/C=DE/CN=me5012-fzlb-a extension /basicConstraints=CA:TRUE/subjectAltName=DNS:me5012-xxxx-x.xxxxx.xx,IP:192.xxx.xxx.xx
Error: The command had an invalid parameter or unrecognized parameter. - Invalid parameter found [royhr] (2024-09-11 11:33:29)

# create certificate-signing-request subject "/A. ROYHR North. Game & Co. BG/OU=IT/L=Texas /C=DE/CN=me5012-fzlb-a" extension /basicConstraints=CA:TRUE/subjectAltName=DNS:me5012-xxxx-x.xxxxx.xx,IP:192.xxx.xxx.xx
Error: Command failed. - Security certificate signing request not created for controller A. Verify that the subject value has valid format. (2024-09-11 11:33:53)

Cause

This is due to the SSL specification; the array is designed to comply with the SSL specification.

Resolution

Below is the syntax and steps to create a CSR with spaces and special characters, in this case, "&". Use double quotes ("") to include spaces and backslash (\) for special characters.

# create certificate-signing-request subject "/C=DE/L=Texas/O=A. ROYHR North. Game \& Co. BG/OU=IT/CN=me5012-fzlb-a" extensions "/basicConstraints=CA:TRUE/subjectAltName=DNS:me5012-xxxx-x.xxxxx.xx,IP:192.xxx.xxx.xx"


The above command only works after the ME5.1.2.1.1 firmware upgrade. Older versions do not support spaces and all special characters. 

Excerpt from the CLI Guide:

contents <content-string>

Optional. A security certificate is generated based on the supplied content. The content becomes the subject of the certificate creation request and must be formatted as /type0=value0/ type1=value1/type2=..., where types include C for country, ST for state or province, L for location, CN for common name, and O for organization. Invalid types will be omitted from the content string. The content string cannot exceed 1024 characters and can include printable UTF-8 characters except space or semicolon. An example is /C=US/ST=CO/O=MyOrganization/ CN=www.mysite.com. You must specify either this parameter or the restore parameter or the unique parameter. 

This article is updated as updates are received.
 

Affected Products

ME Series, PowerVault ME5012, PowerVault ME5024, PowerVault ME5084
Article Properties
Article Number: 000230486
Article Type: Solution
Last Modified: 06 Mar 2025
Version:  4
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.