Bug in NetScaler 14.1 21.57 and 14.1 25.53 prevents PFX import

Stop - Pixabay[German]Small note for administrators of a NetScaler ADC. There is a bug in various NetScaler firmware versions that prevents a PFX certificate from being imported and installed. The bug has now been confirmed – anyone who runs into this problem must use a workaround and split the certificate. Here is some information on the issue that I have come across in the last few days.


NetScaler certificate import

Administrators can import an existing certificate from a PFX file in NetScaler. Citrix has created this document for uploading such a PFX file. The relevant steps for importing and installing a PFX certificate are described in this document.

A PFX file contains a certificate in PKCS#12 format. This contains the certificate, the intermediate certificate of the certification authority, which ensures the trustworthiness of the certificate, and the private key for the certificate. The creation of a PFX file is described here, for example.

Bug prevents PFX import

In the NetScaler builds 14.1 21.57 and 14.1 25.53 there seems to be a bug that prevents the import of a PFX certificate file. I came across the issue via the following tweet. Julian Jakob points out that a PFX import is not possible in NetScaler 14.1 21.57 and 14.1 25.53.

Bug in NetScaler

Jakob points out that the bug has been confirmed and will only be fixed in the upcoming 29.x release. Until then, the certificate and the key must be split into two files.


This entry was posted in issue, Software and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).