Unable to import pfx certificate on XTM25-W


I have bought a new wildcard certificate and created a pfx file from it.
This pfx seems ok = I can import it into my Windows machine without any problem.
But I can´t import it to the firebox XTM25-W - I get "Error occured while performing "import certificate": failed to import certificate.

I did remove all certificates before and rebooted the firebox and the "built-in" certificates where regenerated fine afterwards.

Any ideas?


  • Options

    I did see this in the log while trying to import the pfx file:
    2019-11-21 16:42:24 certd import cert pkicli error -982 Debug

  • Options

    Review this. I expect it will help.

    Importing 3rd party certificate fails

  • Options

    I always generate my CSR on a Windows server so that I can use the cert in multiple places and not have it locked to a Firebox. That sounds like what you did.

    How did you create the PFX file? I create my PFX by exporting from the Windows server on which the CSR was generated. You'll need to export the cert as PFX with private key but without extended properties.

    I have no issue import to T-series Fireboxes, but I don't have an old XTM box around to know how that import process works now...it used to be a pain. On the T-series and M-series, it's a few clicks to install a PFX file now.


    Gregg Hill

  • Options

    Hi, I will look into the url Bruce.
    No we generated the CSR from Linux (OpenSSL) and we use the wild card cert on several servers, the cert in fb is for SSLVPN/authentication. I will try to export the PFX from a Windows server Gregg.

  • Options

    Hi all,

    Problem solved; I created a new PFX with private keys and imporetd it to a Windows server (enabled export of priv. keys) and then I simply exported it to a new PFX
    Then I was able to import it to my XTM25-W.

    Thanks for pointing me to a solution!


Sign In to comment.