Certificate errors on log even with working certificate
Omada Software Controller 5.12.7 running on Linux (with Docker)
I managed to get the certificate and key working with LetsEncrypt DNS challenge for my local HTTPS. I can see the certificate is correctly applied to the controller, I don't get any alerts, and I can see the certificate in the browser matches what I have uploaded. For those interested in doing the same, you need DNS access for editing records: in my case, localmydomain is an A record to a local IP 192.168.0.x. You also need certbot installed, and acme-dns-auth.py (Google it). The --key-type rsa is required by Omada.
sudo certbot certonly --manual --manual-auth-hook /etc/letsencrypt/acme-dns-auth.py --preferred-challenges dns --key-type rsa --debug-challenges -d localmydomain
However, before I got it to work, I stumbled upon some issues with the key, as certbot does not by default generate an RSA encrypted key as required by the Omada controller. Now I keep getting these errors filling my logs:
11-07-2023 10:23:08.061 ERROR [https-jsse-nio-8043-exec-6] [] c.t.s.o.c.u.b.b(): Given final block not properly padded. Such issues can arise if a bad key is used during decryption.
--- stack trace
11-07-2023 10:23:08.061 WARN [https-jsse-nio-8043-exec-6] [] c.t.s.o.i.p.m.t.TenantPO(): decrypt Aes of email error
--- stack trace
I tried the following with no results:
1) re-uploading the certificate
2) deleting the eap.keystore
3) deleting the certificate
How can I make these errors go away? I will wait a couple more days and will delete the entire Omada data if I can find a solution, and restart from scratch.
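
Added example, not part of the original post: a PEM file headed `BEGIN PRIVATE KEY` (PKCS#8) does not show its algorithm in the header, so this standard-library check reads the algorithm OID from the DER to confirm a key is RSA before it is uploaded. The helper names and the sample keys are constructed for illustration; the samples are skeletons with a dummy payload, not usable keys.

```python
import base64
import re
RSA_OID = bytes.fromhex("2a864886f70d010101")  # 1.2.840.113549.1.1.1 rsaEncryption
EC_OID = bytes.fromhex("2a8648ce3d0201")       # 1.2.840.10045.2.1 id-ecPublicKey
PEM_RE = re.compile(r"-----BEGIN ([A-Z ]+)-----(.*?)-----END \1-----", re.S)

def read_tlv(buf, pos):
    """Return (tag, value_start, value_end) of the DER element at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated DER")
    return tag, pos, pos + length

def key_type(pem_text):
    """Classify a PEM private key as 'RSA', 'EC', 'encrypted' or 'other'."""
    m = PEM_RE.search(pem_text)
    if not m:
        raise ValueError("no PEM block found")
    label = m.group(1)
    if label in ("RSA PRIVATE KEY", "EC PRIVATE KEY"):  # PKCS#1 / SEC1 headers
        return label.split()[0]
    if label == "ENCRYPTED PRIVATE KEY":  # algorithm is inside the encrypted blob
        return "encrypted"
    if label != "PRIVATE KEY":
        raise ValueError("not a private key: " + label)
    der = base64.b64decode("".join(m.group(2).split()))
    _, start, _ = read_tlv(der, 0)              # PrivateKeyInfo SEQUENCE
    _, _, after_ver = read_tlv(der, start)      # version INTEGER
    _, alg_start, _ = read_tlv(der, after_ver)  # AlgorithmIdentifier SEQUENCE
    tag, oid_start, oid_end = read_tlv(der, alg_start)
    if tag != 0x06:
        raise ValueError("expected an OBJECT IDENTIFIER")
    return {RSA_OID: "RSA", EC_OID: "EC"}.get(der[oid_start:oid_end], "other")

def tlv(tag, value):  # DER-encode one element; only used to build the samples
    n = len(value)
    size = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag]) + (bytes([n]) if n < 128 else bytes([0x80 | len(size)]) + size) + value

def constructed_pkcs8(oid):  # constructed skeleton with dummy payload, not a usable key
    body = tlv(0x02, b"\x00") + tlv(0x30, tlv(0x06, oid) + tlv(0x05, b"")) + tlv(0x04, b"\x00" * 200)
    b64 = base64.b64encode(tlv(0x30, body)).decode()
    return "-----BEGIN PRIVATE KEY-----\n" + b64 + "\n-----END PRIVATE KEY-----\n"
```

Calling `key_type()` on the text of the private key file returns `"RSA"` for a key that meets the RSA requirement mentioned in the post.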