[German]Small note for administrators of a NetScaler ADC. There is a bug in various NetScaler firmware versions that prevents a PFX certificate from being imported and installed. The bug has now been confirmed – anyone who runs into this problem must use a workaround and split the certificate. Here is some information on the issue that I have come across in the last few days.
Advertising
NetScaler certificate import
Administrators can import an existing certificate from a PFX file in NetScaler. Citrix has created this document for uploading such a PFX file. The relevant steps for importing and installing a PFX certificate are described in this document.
A PFX file contains a certificate in PKCS#12 format. This contains the certificate, the intermediate certificate of the certification authority, which ensures the trustworthiness of the certificate, and the private key for the certificate. The creation of a PFX file is described here, for example.
Bug prevents PFX import
In the NetScaler builds 14.1 21.57 and 14.1 25.53 there seems to be a bug that prevents the import of a PFX certificate file. I came across the issue via the following tweet. Julian Jakob points out that a PFX import is not possible in NetScaler 14.1 21.57 and 14.1 25.53.
Jakob points out that the bug has been confirmed and will only be fixed in the upcoming 29.x release. Until then, the certificate and the key must be split into two files.
Advertising
The fix is not in the 29.x release.
I'm on 29.63 and it's still broke