I received this error (print bellow) after trying to save changes on admin console, while i was trying to resolve a vpn problem. I dont know what is causing this error.
Any suggestions?
**Sorry for my english, if i wrote something wrong ok**
Solved! Go to Solution.
Thanks sliedl for assisting me.
I restarted the firewall and the changes on admin console go back to save.
Best regards!
I think what you did was enter a DN wrong on one of your certificates (if you don't put 'CN=' at the beginning of the DN the firewall will still save it but the VPN code will error out on the cert).
You can run this command for a quick output of your certs and their DN outputs to see if you can spot which one does not begin with 'CN=':
cf -TK name,dn cert q client
thanks for your answer sliedl.
command output:
DN outputs are ok i think. what do you think?
I agree, I don't see any problems with those DNs. Run the same command except now it's for the Firewall Certificates and not the Remote/client Certificates (replace 'client' with 'fw' in the same command, at the end):
cf -TK name,dn cert q fw
Thanks a lot for your help again sliedl.
Command output:
DN outputs for the Firewall Certificates its ok.
Observing the error message "TSWGenericError: TSWGenericError: genkey error: import: failed to update database entry with key values
algorithm: rsa", is there any command to verify the firewall database integrity?
Oh wait, I know which cert area this is now.
Run this command (do not paste the results back here):
cf -TK name,dn cert q id
In the 'dn' column that shows up you'll see one of the Remote Identities has some string for the DN and it should be cn=some string. You can edit this DN string under the Remote Identities tab in the Certificate Management page and just add cn= to the beginning of the string and Save it.
Thanks again.
The command output is empty, and i tried to create a new Remote Identity but i am still unable to save because of error in cf_cert:
name dn
---- --
I suggest calling into Support so we can see your configuration over a remote session.
Thanks sliedl for assisting me.
I restarted the firewall and the changes on admin console go back to save.
Best regards!
Corporate Headquarters
6220 America Center Drive
San Jose, CA 95002 USA