I'm using a platform called Manage Engine Service Desk MSP to run an IT Helpdesk, but I am having an issue getting the SSL certificate into a format that it will take. I think the PFX is being built right, but I am seeing an issue in the logs saying Certificate Chain is not Valid & Key Protection Algorithm Not Found. I'm guessing the algorithm that openssl is using to convert from the .pem to the .pfx may be something that isn't supported by the proprietary webserver that ManageEngine uses? Is there a way to change it? And any ideas what I should change it too? It looks like it's using a Java Engine to import the cert:
Verbatim Error is: Caused by: java.security.KeyStoreException: Key protection algorithm not found: java.security.KeyStoreException: Certificate chain is not valid
Just to confirm, the PFX exports, and on Windows it imports perfectly, I just think it's something that is unique to the process that is importing the certificate on this device.
My domain is: support.wellconnected.it
I ran this command: openssl pkcs12 -export -out /home/certificate.pfx -inkey /etc/letsencrypt/live/support.wellconnected.it/privkey.pem -in /etc/letsencrypt/live/support.wellconnected.it/cert.pem -certfile /etc/letsencrypt/live/support.wellconnected.it/fullchain.pem -passout pass:$$$$$$$$$$$$$$$
It produced this output: A PFX file(when importing into Windows it's full chain), but when importing into my software running on Ubuntu I get the errors listed - Chain Not Valid & Key Protection Algorithm not Found.
The operating system my web server runs on is (include version): Ubuntu 20.04
I can login to a root shell on my machine (yes or no, or I don't know): Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): Yes
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you're using Certbot): certbox 1.22.0
Any assistance is greatly appreciated.