Getting SSL Invalid Key Error on Uploading SSL Cert from Lets Encrypt

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Getting SSL Invalid Key Error on Uploading SSL Cert from Lets Encrypt

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Getting SSL Invalid Key Error on Uploading SSL Cert from Lets Encrypt
Getting SSL Invalid Key Error on Uploading SSL Cert from Lets Encrypt
2023-10-20 21:07:00
Hardware Version:
Firmware Version: 5.12.7

Just upgraded to 5.12.7 and noticed that logging in started giving me the untrusted SSL error.

 

I tried running my automated renewal process with Lets Encrypt, but it appeared to have broken with the upgrade so I went to do the SSL cert process manually.

 

Here is what I did:

I went in and regenerated my SSL certificate using Lets Encrypt on the controller VM. I copied the files to my local workstation and tried to upload them into the controller, but am getting this error message: Invalid key, please make sure the file is RSA encrypted.

 

I checked the server.log file and am getting a VERY long stack trace that it won't me copy into here or it will flag it as a link for some reason. The stack trace states invalid RSA private key even though this is definitely a valid cert and key file.

 

 

I am using the PEM selection with the privkey.pem file for my SSL key and have tried importing cert.pem, fullchain.pem, and chain.pem as the certificate. All combinations cause the exact same error message.

 

The command I used to generate the key was this (removed personal info and hostname):

sudo certbot certonly --non-interactive -m <email> --agree-tos --dns-cloudflare --dns-cloudflare-credentials /usr/local/share/certbot/secrets/cloudflare.ini -d <hostname>

 

Is anybody else experiencing this issue or have a workaround?

 

  0      
  0      
#1
Options
2 Reply
Re:Getting SSL Invalid Key Error on Uploading SSL Cert from Lets Encrypt
2023-10-24 09:21:49

Hello @sayle,

 

Thank you so much for taking the time to post the issue on TP-Link community!

 

To better assist you, I've created a support ticket via your registered email address, and escalated it to our support engineer to look into the issue. The ticket ID is TKID231043971, please check your email box and ensure the support email is well received. Thanks!

Once the issue is addressed or resolved, welcome to update this topic thread with your solution to help others who may encounter the same issue as you did.

 

Many thanks for your great cooperation and patience!

Best Regards! >> Omada EAP Firmware Trial Available Here << >> Get the Latest Omada SDN Controller Releases Here << *Try filtering posts on each forum by Label of [Early Access]*
  0  
  0  
#2
Options
Re:Getting SSL Invalid Key Error on Uploading SSL Cert from Lets Encrypt
2024-02-10 17:20:37

  @sayle I had this issue too, and was not able to find any solutions online. I ended up using an article article (since I can't post a link, search for "Installing an Omada SDN controller on a Raspberry Pi whitkirk church" and you should find it), specifically the command to convert the certs to a .pfx file (

openssl pkcs12 -export -out certificate_out.pfx -inkey private.key -in certificate.crt). Omada was able to import the .pfx file (be sure to set a password or it won't import).
  1  
  1  
#3
Options