GS1900-24 - Latest firmware: Importing p12 certificate fails with error 0x246
Hello, I'm trying to import a p12/pfx file generated using the following command:
openssl pkcs12 -export -out switch.pfx -in switch.crt -inkey switch.key
on a GS1900-24 switch (Rev. A1, Firmware V2.80(AAHL.0) | 10/16/2023).
However, it always fails with the following alert (see image below too):
Upload certificate failed. Unspecified error(0x246)
I tried several things now but can't get it to work.
Any ideas?
Accepted Solution
-
Hi @zyste,
Thanks for your kind correction. Please allow me to rephrase my previous explanation. After checking I found that GS1900 only supports the RSA algorithm but not the ECDSA algorithm. Could you generate an RSA algorithm certificate file and import it to GS1900?
Zyxel Melen1
Zyxel Employee
All Replies
-
Hi @zyste,
Could you share the certificate with me? I will try to reproduce it on my side. Please check the private message I sent to you and provide the certificate and its password there.
Zyxel Melen1 -
Hello @Zyxel_Melen, I sent you the p12 file via PM.
0 -
Hi zyste, thanks for the file! I will test it next week and keep you posted.
Zyxel Melen0 -
Hi @zyste,
After checking, I found that GS1900 only supports .pfx file but not .p12 file. Could you generate a .pfx file and import it to GS1900?
Zyxel Melen0 -
Hi @Zyxel_Melen,
I think there's a technical misunderstanding on your side - pfx and p12 is essentially the same thing, just the extension is different. So, you'd just have to rename the file to e.g. certificate.pfx
As far as I remember I tried that too but got the same error - as reference, see the extensions at the Wikipedia page.
0 -
Hi @zyste,
Thanks for your kind correction. Please allow me to rephrase my previous explanation. After checking I found that GS1900 only supports the RSA algorithm but not the ECDSA algorithm. Could you generate an RSA algorithm certificate file and import it to GS1900?
Zyxel Melen1 -
Hello @Zyxel_Melen,
thank you for the hint - I used RSA and now it indeed worked!
As a suggestion, a better error message in a future firmware release would be really helpful - or at least an explanation of what error 0x246 means somewhere on the Zyxel knowledge base or similar.Discussion closed - thanks again for your help and have a nice day!
1 -
Hi @zyste,
Thanks for your input. We have already discussed this part and recorded it in the enhancement checklist. Stay tuned for our future firmware release.
Zyxel Melen0
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 151 Nebula Ideas
- 98 Nebula Status and Incidents
- 5.7K Security
- 277 USG FLEX H Series
- 277 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 42 Wireless Ideas
- 6.4K Consumer Product
- 250 Service & License
- 395 News and Release
- 85 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.6K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 75 Security Highlight
