Article Number: 000216060
admin@ecsnode01:~/ecs_certificate_tool-1.6> python ecs_certificate_tool.py upload_certificate -c /home/admin/CER/Management/server.pem -p /home/admin/ecs_certificate_tool-1.6/generated_files/CKM0XXXX00120-management_private.key -m
ecs_certificate_tool v1.6
----------------------------------------------------------------------
Upload Certificate
----------------------------------------------------------------------
Authenticating using configured credentials..PASS
Reading certificate from: /home/admin/CER/Management/server.pem..DONE
Reading private key from: /home/admin/ecs_certificate_tool-1.6/generated_files/CKM0XXXX00120-management_private.key..DONE
Backing up existing certificate if needed..
Backed up existing certificate to : /home/admin/ecs_certificate_tool-1.6/certificate_backups/CKM0XXXX00120-management_2023-05-30-07-06-32.crt.backup
Uploading the certificate to ECS..Failed to upload certificate.
response: 999An unexpected error occurred, please check the ECS logs for more information
admin@ecsnode01:~/CER/Management> openssl x509 -text -noout -in server.pem
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:89:4d:xx:a4:90:a6:a4:xx:c4:5f:xx:6d:43:ef:xx:78:91:f2:cc
Signature Algorithm: ecdsa-with-SHA512
Issuer: C=IN, ST=Bagmane, L=Bangalore, O=Dell Technologies, OU=AGI, CN=ecsnode.agi.dell.com.in/emailAddress=ecsnode@dell.com.in
Validity
Not Before: May 30 06:29:36 2023 GMT
Not After : May 28 06:29:36 2028 GMT
Subject: C=IN, ST=Bagmane, L=Bangalore, O=Dell Technologies, OU=AGI, CN=ecsnode.agi.dell.com.in/emailAddress=ecsnode@dell.com.in
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ce:e4:31:7d:b6:13:43:bc:99:59:ad:8e:99:ae:
b8:28:20:85:71:46:xx:a9:d5:17:e4:e7:2e:bb:b7:
76:4f:4f:0e:e3:xx:fe:af:2a:d8:68:c2:98:af:de:
a7:28:c0:9d:03:37:fb:a3:4a:0c:a1:24:a6:2f:2c:
9a:ff:e8:03:d9:47:bf:69:28:6f:3e:xx:81:ea:e5:
40:5b:68:fb:9f:c4:b2:67:f9:ea:7e:ea:67:95:91:
20:45:70:bb:f5:c9:b8:e0:7e:87:f8:29:13:fa:87:
40:8e:b8:2a:b5:f6:1c:c2:e0:a5:54:47:66:bf:54:
0e:a5:52:55:a4:2f:2e:48:49:45:ac:d9:08:86:0b:
10:42:77:b2:9d:59:77:62:xx:6f:9a:4b:ec:14:81:
7c:b4:a1:43:1e:53:f7:71:ae:35:9e:6f:af:d1:95:
fe:b4:53:dd:15:ad:e8:01:77:81:7b:1a:fa:16:e8:
d6:36:xx:db:e3:70:57:87:ac:6f:e7:b6:e6:25:e0:
01:3a:86:f9:28:e1:e2:aa:73:xx:ea:69:be:11:98:
3b:a1:c9:d1:c5:98:a6:66:66:91:36:ca:11:9d:40:
df:46:5c:4d:27:xx:80:99:f3:82:bf:6c:2e:ae:5a:
04:9b:10:3f:8b:04:e5:f6:30:ef:c0:9c:87:6f:82:
40:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Authority Key Identifier:
keyid:xx:DB:EF:4C:F4:xx:C3:2A:0E:2B:8C:50:xx:85:46:F2:A1:E2:E3:xx
X509v3 Basic Constraints:
CA:FALSE
X509v3 Key Usage:
Digital Signature, Non Repudiation, Key Encipherment, Data Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication
X509v3 Subject Alternative Name:
DNS:ecsnode1.agi.dell.com.in, DNS:ecsnode2.agi.dell.com.in, DNS:ecsnode3.agi.dell.com.in, DNS:ecsnode4.agi.dell.com.in,DNS:ecsnode5.agi.dell.com.in, IP Address:10.xx.xx.01, IP Address:10.xx.xx.02, IP Address:10.xx.xx.03, IP Address:10.xx.xx.04, IP Address:10.xx.xx.05, IP Address:10.xx.xx.04
Signature Algorithm: ecdsa-with-SHA512
30:65:02:xx:00:f9:77:76:6c:24:9b:64:cd:e2:06:3d:70:22:
d3:85:c5:5b:63:21:54:c5:7d:5c:b5:ce:xx:ad:8c:54:3a:12:
f7:89:xx:bd:70:c6:69:3a:b0:c6:be:7c:88:3c:51:6e:f0:02:
30:5e:01:73:9c:b8:16:e6:7e:9b:9d:ab:xx:07:bb:3d:cd:7f:
94:da:fa:8c:xx:0f:3c:32:a3:93:32:da:63:6b:4c:e6:ff:f1:
2f:4e:2c:c9:9f:62:22:xx:ff:b7:a7:01:c9
Même si la CSR est signée par une autorité de certification avec l’algorithme ECDSA, la clé échoue lors de la tentative de téléchargement vers ECS.
admin@ecsnode1:~/ecs_certificate_tool-1.6> python ecs_certificate_tool.py upload_certificate -c CKMxxxxxxx048-management-ssc.crt -p CKMxxxxxxxx048-management_private.key -m
ecs_certificate_tool v1.6
----------------------------------------------------------------------
Upload Certificate
----------------------------------------------------------------------
Authenticating using configured credentials..PASS
Reading certificate from: CKMxxxxxxx048-management-ssc.crt..DONE
Reading private key from: CKMxxxxxxx048-management_private.key..DONE
Backing up existing certificate if needed..
Backed up existing certificate to : /home/admin/ecs_certificate_tool-1.6/certificate_backups/CKMxxxxxxx048-management_2023-06-17-08-39-27.crt.backup
Uploading the certificate to ECS..Failed to upload certificate.
response: 1008Invalid parameter
ECS, Elastic Cloud Storage
02 Oct 2023
2
Solution