Pivotal Knowledge Base

Follow

Provisioning Error when Trying to Upload SSL Key/Cert

Environment 

 Service  Product
 Pivotal Web Services  Pivotal SSL Service

Symptom

When you try to upload the SSL key and certificate with Pivotal SSL service, you get a Provisioning Error as seen in the following screenshot: 

In the service instance logs, you will see the following error:

Aug 02 10:09:03 SSL-Service b401ef18-3efd-4750-b8a3-98e42115dbc9/[APP/1]:  {"timestamp":"1470157743.573615074","source":"ssl-service","message":"ssl-service.service.ConfigureInstance.error","log_level":2,"data":{"error":"UploadServerCertificate: InvalidParameter: 1 validation errors:\n- field too short, minimum length 1: CertificateChain","instanceID":"08f1cb10-1420-40ff-8a27-814c76d22e15"}} 

Cause

In Pivotal SSL service, you need to upload the entire certificate chain when filling in the Upload certificate field.

Resolution

Obtain the intermediate chain files for your certificate from your certificate vendor. Combine these chain files with your certificate to create a single file containing the entire chain of trust. Then, try uploading it again. A correct certificate should look like this: 

-----BEGIN CERTIFICATE-----
(Your Primary SSL certificate: YOUR-DOMAIN-NAME.crt)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
(Your Intermediate certificate: YOUR-VENDOR/CA.crt)
-----END CERTIFICATE-----

Additional Information

Refer to this documentation for more details. 

Comments

Powered by Zendesk