thanks for your answer sliedl.

command output:

DN outputs are ok i think. what do you think?

I agree, I don't see any problems with those DNs.  Run the same command except now it's for the Firewall Certificates and not the Remote/client Certificates (replace 'client' with 'fw' in the same command, at the end):

cf -TK name,dn cert q fw

Thanks a lot for your help again sliedl.

Command output:

DN outputs for the Firewall Certificates its ok.

Observing the error message "TSWGenericError: TSWGenericError: genkey error: import: failed to update database entry with key values

algorithm: rsa", is there any command to verify the firewall database integrity?

Oh wait, I know which cert area this is now.

Run this command (do not paste the results back here):

cf -TK name,dn cert q id

In the 'dn' column that shows up you'll see one of the Remote Identities has some string for the DN and it should be cn=some string.  You can edit this DN string under the Remote Identities tab in the Certificate Management page and just add cn= to the beginning of the string and Save it.

Thanks again.

The command output is empty, and i tried to create a new Remote Identity but i am still unable to save because of error in cf_cert:

name dn

---- --

I suggest calling into Support so we can see your configuration over a remote session.