CloudLink: Error ERR_SSL_KEY_USAGE_INCOMPATIBLE When Opening CloudLink Web UI

요약: Opening CloudLink Web UI with Chrome or Edge receives the error "ERR_SSL_KEY_USAGE_INCOMPATIBLE," Mozilla and Firefox open CloudLink Web UI without any issues.

이 문서는 다음에 적용됩니다. 이 문서는 다음에 적용되지 않습니다. 이 문서는 특정 제품과 관련이 없습니다. 모든 제품 버전이 이 문서에 나와 있는 것은 아닙니다.
기타 리소스 확인

증상

Opening CloudLink Web UI with Chrome or Edge receives the below error: 
Error ERR_SSL_KEY_USAGE_INCOMPATIBLE

원인

The issue is due to the Chrome or Edge browser security settings.

The issue is found in Chrome version 119.0.6045.160 (Official Build). 

The reason is that the CloudLink 7.1.x self-signed certificate does not have Digital Signature in Key Usage.

CloudLink 7.x cert:
CloudLink 7.x key usage

CloudLink 8 cert:
CloudLink 8 key usage

해결

In Chrome, you can apply a workaround by adding the below in regedit.

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome]
"RSAKeyUsageForLocalAnchorsEnabled"=dword:00000000

You have to restart browser for the change to take effect. However, this reduces security in Chrome and is not a recommended solution.

Preferred workarounds:

  • Use a different browser to access the CloudLink 7.1.x UI. Firefox and Internet Explorer still appear to be working with CloudLink 7.1.x, although Internet Explorer is not supported and some functionality may be missing.  Even though Internet Explorer doesn't appeared to be installed on a Windows computer you still might be able to open a tab by going to Internet Options > Programs > Manage add-ons > Learn more about toolbars and extensions.
  • Generate a custom CA signed web SSL cert that includes Digital Signature in Key Usage.
  • Upgrade to CloudLink 8.1 or higher

Here are the instructions to use OpenSSL to generate a self-signed certificate intended to replace CloudLink 7.x webSSL certs that work with Chrome and Edge.

  1. On a Linux server with OpenSSL installed, create a file called template.cfg by running command vi template.cfg and paste the information within the box below.
  2. Modify the blue entries and replace with relevant information.
[req]
default_bits           = 2048
distinguished_name     = req_distinguished_name
req_extensions         = v3_req

[req_distinguished_name]
C =Country(2 letter code)
ST =State
L =Locality(city)
O =Organization
OU =OrgUnit
CN =CommonName

C_default =US
ST_default =utah
L_default =salt lake city
O_default =dell
OU_default =dell
CN_default =cloudlinknode1

[ v3_req ]
subjectAltName   = @alt_names
keyUsage         = keyEncipherment, digitalSignature
extendedKeyUsage = serverAuth, clientAuth

[alt_names]
IP      = 192.XXX.XX.XXX
DNS.1   = cloudlinknode1
  1. Run the command:
openssl req -newkey 2048 -keyout cloudlinknode1.key -config template.cfg  -x509 -days 730 -out cloudlinknode1.crt -extensions v3_req -nodes

This outputs two files: cloudlinknode1.crt and cloudlinknode1.key. You'll upload these files into CloudLink UI in Server > TLS. Also, save these files and keep them somewhere safe. I set -days to 730 which is 2 years but you can adjust as needed.

  1. This must be done separately for each CloudLink node.
문서 속성
문서 번호: 000219861
문서 유형: Solution
마지막 수정 시간: 31 10월 2025
버전:  6
다른 Dell 사용자에게 질문에 대한 답변 찾기
지원 서비스
디바이스에 지원 서비스가 적용되는지 확인하십시오.