Entrust Datacard

Entrust Certificate Services Support Knowledge Base

Last Modified: 2016-07-05 16:15:17.0

Why do I receive an Invalid CSR error trying to submit a CSR generated by Cisco ACS?

Article Number: 43662

Problem: You are generating a CSR (certificate signing request) with Cisco ACS through your ASDM 5.2 ASA interface, submit your CSR and receive the message that there was a problem creating your certificate or invalid CSR (PKCS10)

Solution:  When generating the CSR, (from trustpoint) please add in the distinguished name sequence to appear in order as follows:

 CN, O, C

CN is the common name value

O is the Organization name value

C is the Country code value (2 letter ISO)

Do not use Subject Alternative Name fields.

This will create a valid PKCS10.

TN7063

Affected Products:

  • Entrust Certificate Services 1 Year Advantage SSL Certificate Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services 1 Year SSL Certificate Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services 2 Year Advantage SSL Certificate Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services 2 Year SSL Certificate Version Not Applicable Language Not Applicable Platform Not Applicable