[Avalanche 6.2] Third Party Certs Missing Private Key Not Allowing Devices to Enroll

Version 4

    Verified Product Versions

    Avalanche 6.2

    Description:

    End user purchased an authority certified certificate, loaded to Avalanche, tested with https://<ServerAvalanche>/MDM to verify certificate was successfully loaded.

    But when attempting to connect the device using enrollment information the server certificate is getting failed.

     

    Cause of the issue:


    Usally when user purchases a certificate from a third party company it must be in PKCS #12 format and include a private key. It may happens that you received only the .p12 file , with a missing private key or some missing extended properties.

    In tha above case you need to export the certificate once gain with the private key.

    You can perform this using Microsoft Mangement Console(MMC)

     

    Solution:

     

    *****We strongly recommend you to contact your certificate provider to recreate the certificate with all the extended properties*****

     

    Here are the instructions

    1. Double click on the certificate you obtained in PKCS #12 format and click next on Certificate Import Wizard.

    2. Under the private key protection enter the password and check "mark this key as exportable" and also check the box next to "Include all extended properties" and hit Next.

    3. Click Next on next pages and once you click on finish you will receive a message " Import successfull"

    4. Open Microsoft Mangement Console by typing "mmc" in cmd

    1.png

    5. Add certificates snap-ins from available snap-ins and click on OK

    1.png

    6. Identify the .p12 file you imported under Personal folder and export it.

    7. Check the box next to "yes, export the private key"

    8. Make sure all the options are checked like in the below screenshot.

    9. Provide a password(this is not the certificate password which you obtained from the certificate provider)

    10. Provide the file location and the file name and click next to finish the export of certificate in the format of .PFX(PKCS #12)

     

    11. Once exported take this file and place it inside avalanche and restart the services and check it.