{"id":34280,"date":"2024-06-27T00:22:01","date_gmt":"2024-06-26T22:22:01","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=34280"},"modified":"2024-06-26T20:36:21","modified_gmt":"2024-06-26T18:36:21","slug":"bug-in-netscaler-14-1-21-57-and-14-1-25-53-prevents-pfx-import","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2024\/06\/27\/bug-in-netscaler-14-1-21-57-and-14-1-25-53-prevents-pfx-import\/","title":{"rendered":"Bug in NetScaler 14.1 21.57 and 14.1 25.53 prevents PFX import"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline;\" title=\"Stop - Pixabay\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2021\/06\/Stop01.jpg\" alt=\"Stop - Pixabay\" width=\"168\" height=\"168\" align=\"left\" \/>[<a href=\"https:\/\/www.borncity.com\/blog\/2024\/06\/27\/bug-in-netscaler-14-1-21-57-und-14-1-25-53\/\" target=\"_blank\" rel=\"noopener\">German<\/a>]Small note for administrators of a NetScaler ADC. There is a bug in various NetScaler firmware versions that prevents a PFX certificate from being imported and installed. The bug has now been confirmed &#8211; anyone who runs into this problem must use a workaround and split the certificate. Here is some information on the issue that I have come across in the last few days.<\/p>\n<p><!--more--><\/p>\n<h2>NetScaler certificate import<\/h2>\n<p>Administrators can import an existing certificate from a PFX file in NetScaler. Citrix has created <a href=\"https:\/\/support.citrix.com\/article\/CTX205404\/how-do-i-upload-pfx-certificates-on-netscaler\" target=\"_blank\" rel=\"noopener\">this document<\/a> for uploading such a PFX file. The relevant steps for importing and installing a PFX certificate are described in <a href=\"https:\/\/docs.netscaler.com\/en-us\/netscaler-gateway\/current-release\/install-citrix-gateway\/certificate-management-on-citrix-gateway\/import-install-existing-certificates.html\" target=\"_blank\" rel=\"noopener\">this document<\/a>.<\/p>\n<blockquote><p>A PFX file contains a certificate in PKCS#12 format. This contains the certificate, the intermediate certificate of the certification authority, which ensures the trustworthiness of the certificate, and the private key for the certificate. The creation of a PFX file is described <a href=\"https:\/\/www.sslmarket.de\/ssl\/help-pfx-datei-erstellen\" target=\"_blank\" rel=\"noopener\">here<\/a>, for example.<\/p><\/blockquote>\n<h2>Bug prevents PFX import<\/h2>\n<p>In the NetScaler builds 14.1 21.57 and 14.1 25.53 there seems to be a bug that prevents the import of a PFX certificate file. I came across the issue via the following <a href=\"https:\/\/x.com\/jakob_davidson\/status\/1805570425927225580\" target=\"_blank\" rel=\"noopener\">tweet<\/a>. Julian Jakob points out that a PFX import is not possible in NetScaler 14.1 21.57 and 14.1 25.53.<\/p>\n<p><a href=\"https:\/\/x.com\/jakob_davidson\/status\/1805570425927225580\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" class=\"\" title=\"Bug in NetScaler\" src=\"https:\/\/i.postimg.cc\/g2NZcH33\/image.png\" alt=\"Bug in NetScaler\" width=\"483\" height=\"262\" \/><\/a><\/p>\n<p>Jakob points out that the bug has been confirmed and will only be fixed in the upcoming 29.x release. Until then, the certificate and the key must be split into two files.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]Small note for administrators of a NetScaler ADC. There is a bug in various NetScaler firmware versions that prevents a PFX certificate from being imported and installed. The bug has now been confirmed &#8211; anyone who runs into this problem &hellip; <a href=\"https:\/\/borncity.com\/win\/2024\/06\/27\/bug-in-netscaler-14-1-21-57-and-14-1-25-53-prevents-pfx-import\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[463,1547],"tags":[47,1544],"class_list":["post-34280","post","type-post","status-publish","format-standard","hentry","category-issue","category-software","tag-issue","tag-software"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/34280","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=34280"}],"version-history":[{"count":4,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/34280\/revisions"}],"predecessor-version":[{"id":34284,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/34280\/revisions\/34284"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=34280"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=34280"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=34280"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}