Skip to main content
Start a Conversation

Solved!

Go to Solution

employee666

1 Rookie

 • 

1 Message

83

August 4th, 2025 19:32

OpenManage Enterprise SSL CSR and Certificate Upload

I know that this topic has been hashed out many times, but I have yet to find a solution that works for our environments.

The main point that is causing a problem is that our SSL certificates are generated internally. We do not Microsoft CA Certificate Manager. Instead we use Hardware Security Modules (HSMs). The HSMs we use have Linux as their base OS and uses a propriety combination of the vendor's software and openssl.

A CSR is generated according to the OME User's Guide. The CSR is then loaded into the HSM device to generate an

SSL certificate with the internal CA.

Because we use internal CAs and HSMs for CA and certificate management we get the following error:

Error occurred while uploading certificate chain
CSEC9054 - Unable to upload the certificate because Certificate chain validation failed. Invalid certificate chain provided..

Recommended Action
Make sure the certificate is valid and correct and retry the operation.

We are using OpenManage Enterprise 4.5

Is there any way to resolve this within the environment described above? Creating a Windows CA Certificate Manager is not an option and we are required to use our internal CA for issuing SSL certs.

DELL-Young E

Moderator

 • 

5.2K Posts

August 5th, 2025 02:30

Hello, thanks for choosing Dell.

Can I ask you to check this article, it may help:

 

https://www.dell.com/support/kbdoc/en-au/000221202/openmanage-enterprise-troubleshooting-certificate-chain-upload-and-connection-verification-issues-for-4-0-migrations

OME: Troubleshooting Certificate Chain Issues Required for OpenManage Enterprise Migration | Dell Australia

OpenManage Enterprise administrators may run across several errors during the certificate chain upload (CGEN1008 and CSEC9002) and connection verification stage. The following is a guide to help Op...

 

"The certificate must include both Server and Client authentication for extended key usage." this is the key point

 

 

 

And another question I can ask, because you are using latest OME 4.5, was it working with the older OME versions?

 

Was this post helpful?

View All

No Events found!

Top