Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Sign In Create an Account Dell Financial Services Premier Sign In Partner Program Sign In
Contact Us

Your Dell.com Carts

Article Number: 000216060

ECS: ECDSA sertifikası karşıya yüklenamıyor

Summary: Sertifikayı ECS'ye yüklemeye çalışan bir kullanıcı HATA alır: "Failed to load the private key" OR "The provided key and certificate do not match" (Özel anahtar yüklenemedi) VEYA "Sağlanan anahtar ve sertifika eşleşmiyor" hataları. ...

This article may have been automatically translated. If you have any feedback regarding its quality, please let us know using the form at the bottom of this page.

Article Content

Symptoms

ECS sertifika aracı kullanılarak ECS'ye veri/yönetim CA imzalı sertifika karşıya yükleme sırasında aşağıdaki hata görülür. 
admin@ecsnode01:~/ecs_certificate_tool-1.6> python ecs_certificate_tool.py upload_certificate -c /home/admin/CER/Management/server.pem -p /home/admin/ecs_certificate_tool-1.6/generated_files/CKM0XXXX00120-management_private.key -m
ecs_certificate_tool v1.6
----------------------------------------------------------------------
Upload Certificate
----------------------------------------------------------------------

Authenticating using configured credentials..PASS

Reading certificate from: /home/admin/CER/Management/server.pem..DONE
Reading private key from: /home/admin/ecs_certificate_tool-1.6/generated_files/CKM0XXXX00120-management_private.key..DONE
Backing up existing certificate if needed..
Backed up existing certificate to : /home/admin/ecs_certificate_tool-1.6/certificate_backups/CKM0XXXX00120-management_2023-05-30-07-06-32.crt.backup
Uploading the certificate to ECS..Failed to upload certificate.
response: 999An unexpected error occurred, please check the ECS logs for more information
The provided key and certificate do not match
false headers: {'Date': 'Tue, 30 May 2023 07:06:34 GMT', 'Content-Length': '281', 'Content-Type': 'application/xml', 'Connection': 'keep-alive'}

Cause

Eşleşmiyorsa Ortak Anahtar algoritması ve İmza algoritması bu hataya neden olabilir.

Resolution

İmzalı sertifikayı doğrulayın. Aşağıdaki örnekte, Ortak Anahtar algoritması RSA ve İmza algoritması SHA512 ile ECDSA'dır. 
admin@ecsnode01:~/CER/Management> openssl x509 -text -noout -in server.pem
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            51:89:4d:xx:a4:90:a6:a4:xx:c4:5f:xx:6d:43:ef:xx:78:91:f2:cc
    Signature Algorithm: ecdsa-with-SHA512
        Issuer: C=IN, ST=Bagmane, L=Bangalore, O=Dell Technologies, OU=AGI, CN=ecsnode.agi.dell.com.in/emailAddress=ecsnode@dell.com.in
        Validity
            Not Before: May 30 06:29:36 2023 GMT
            Not After : May 28 06:29:36 2028 GMT
        Subject: C=IN, ST=Bagmane, L=Bangalore, O=Dell Technologies, OU=AGI, CN=ecsnode.agi.dell.com.in/emailAddress=ecsnode@dell.com.in
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:ce:e4:31:7d:b6:13:43:bc:99:59:ad:8e:99:ae:
                    b8:28:20:85:71:46:xx:a9:d5:17:e4:e7:2e:bb:b7:
                    76:4f:4f:0e:e3:xx:fe:af:2a:d8:68:c2:98:af:de:
                    a7:28:c0:9d:03:37:fb:a3:4a:0c:a1:24:a6:2f:2c:
                    9a:ff:e8:03:d9:47:bf:69:28:6f:3e:xx:81:ea:e5:
                    40:5b:68:fb:9f:c4:b2:67:f9:ea:7e:ea:67:95:91:
                    20:45:70:bb:f5:c9:b8:e0:7e:87:f8:29:13:fa:87:
                    40:8e:b8:2a:b5:f6:1c:c2:e0:a5:54:47:66:bf:54:
                    0e:a5:52:55:a4:2f:2e:48:49:45:ac:d9:08:86:0b:
                    10:42:77:b2:9d:59:77:62:xx:6f:9a:4b:ec:14:81:
                    7c:b4:a1:43:1e:53:f7:71:ae:35:9e:6f:af:d1:95:
                    fe:b4:53:dd:15:ad:e8:01:77:81:7b:1a:fa:16:e8:
                    d6:36:xx:db:e3:70:57:87:ac:6f:e7:b6:e6:25:e0:
                    01:3a:86:f9:28:e1:e2:aa:73:xx:ea:69:be:11:98:
                    3b:a1:c9:d1:c5:98:a6:66:66:91:36:ca:11:9d:40:
                    df:46:5c:4d:27:xx:80:99:f3:82:bf:6c:2e:ae:5a:
                    04:9b:10:3f:8b:04:e5:f6:30:ef:c0:9c:87:6f:82:
                    40:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier:
                keyid:xx:DB:EF:4C:F4:xx:C3:2A:0E:2B:8C:50:xx:85:46:F2:A1:E2:E3:xx

            X509v3 Basic Constraints:
                CA:FALSE
            X509v3 Key Usage:
                Digital Signature, Non Repudiation, Key Encipherment, Data Encipherment
            X509v3 Extended Key Usage:
                TLS Web Server Authentication
            X509v3 Subject Alternative Name:
                DNS:ecsnode1.agi.dell.com.in, DNS:ecsnode2.agi.dell.com.in, DNS:ecsnode3.agi.dell.com.in, DNS:ecsnode4.agi.dell.com.in,DNS:ecsnode5.agi.dell.com.in, IP Address:10.xx.xx.01, IP Address:10.xx.xx.02, IP Address:10.xx.xx.03, IP Address:10.xx.xx.04, IP Address:10.xx.xx.05, IP Address:10.xx.xx.04
    Signature Algorithm: ecdsa-with-SHA512
         30:65:02:xx:00:f9:77:76:6c:24:9b:64:cd:e2:06:3d:70:22:
         d3:85:c5:5b:63:21:54:c5:7d:5c:b5:ce:xx:ad:8c:54:3a:12:
         f7:89:xx:bd:70:c6:69:3a:b0:c6:be:7c:88:3c:51:6e:f0:02:
         30:5e:01:73:9c:b8:16:e6:7e:9b:9d:ab:xx:07:bb:3d:cd:7f:
         94:da:fa:8c:xx:0f:3c:32:a3:93:32:da:63:6b:4c:e6:ff:f1:
         2f:4e:2c:c9:9f:62:22:xx:ff:b7:a7:01:c9
CSR, ECDSA algoritmasıyla CA ile imzalandığında bile ECS'ye yüklenmeye çalışılırken anahtar başarısız oluyor. 
admin@ecsnode1:~/ecs_certificate_tool-1.6> python ecs_certificate_tool.py upload_certificate -c CKMxxxxxxx048-management-ssc.crt -p CKMxxxxxxxx048-management_private.key -m
ecs_certificate_tool v1.6
----------------------------------------------------------------------
Upload Certificate
----------------------------------------------------------------------

Authenticating using configured credentials..PASS

Reading certificate from: CKMxxxxxxx048-management-ssc.crt..DONE
Reading private key from: CKMxxxxxxx048-management_private.key..DONE
Backing up existing certificate if needed..
Backed up existing certificate to : /home/admin/ecs_certificate_tool-1.6/certificate_backups/CKMxxxxxxx048-management_2023-06-17-08-39-27.crt.backup
Uploading the certificate to ECS..Failed to upload certificate.
 response: 1008Invalid parameter
Failed to load the private key.
false headers: {'Date': 'Sat, 17 Jun 2023 08:39:29 GMT', 'Content-Length': '209', 'Content-Type': 'application/xml', 'Connection': 'keep-alive'} Sertifika yükleme API'si RSA anahtarı/sertifikası bekliyor. Bu nedenle ECDSA yöntemi ECS'de desteklenmez.

Article Properties

Affected Product

ECS, Elastic Cloud Storage

Last Published Date

02 Oct 2023

Version

2

Article Type

Solution

Back to Top