Skip to main content
Question

Import the CA certificate problem

  • April 3, 2025
  • 3 replies
  • 97 views
S
Forum|alt.badge.img
  • Soky
  • Ground Control | Tier 1

Hi, I wanted to try promote function for the first time. I tried to promote bot from dev CR to test CR. Both CRs are on the same build (v35). I followed all the instructions here. After that I got error "Unable to find valid certification path to requested target". So I followed another guide, but I got stuck on the 4th step. In the guide is mentioned .cer certifikate, but I only have .pfx and .crt. I tried to use them, 

D:\A360>jdk11\bin\java -jar certmgr.jar -appDir "D:\A360" -importTrustCert "C:\DOKU\cert\2024_dev\SKDDMBSSRTRPA02.mbs.skoda.vwg.crt"

but I got an error:
Exception in thread "main" java.security.cert.CertificateParsingException: signed fields invalid
        at java.base/sun.security.x509.X509CertImpl.parse(X509CertImpl.java:1826)
        at java.base/sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:181)
        at java.base/sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory.java:102)
        at java.base/java.security.cert.CertificateFactory.generateCertificate(CertificateFactory.java:355)
        at com.automationanywhere.certmgr.readers.CertReader.readX509Certificate(CertReader.java:25)
        at com.automationanywhere.certmgr.CertManager.rebuildTrustStore(CertManager.java:366)
        at com.automationanywhere.certmgr.CertManager.apply(CertManager.java:86)
        at com.automationanywhere.certmgr.Main.main(Main.java:21).

I even tried to create .cer certifikate from .pfx, but i got same error.

Please, do you know, what to do?

Thank you!

3 replies

Vatsy
Most Valuable Pathfinder
Forum|alt.badge.img+16
  • VatsyMost Valuable Pathfinder
  • Most Valuable Pathfinder
  • 163 replies
  • April 4, 2025

Hi ​@Soky,
You might have to open a support ticket with support@automationanywhere.com to get this issue resolved.

Vatsal Mehta - Ideate. Automate. Innovate. - LinkedIn URL: https://www.linkedin.com/in/vatsalmehta18
KhaledMostafaMe
Most Valuable Pathfinder
Forum|alt.badge.img+6
  • KhaledMostafaMeMost Valuable Pathfinder
  • Most Valuable Pathfinder
  • 1846 replies
  • April 4, 2025

@Soky I would recommend that ask your IT to generate the certificate for DEV and TEST Control Rooms and import it again it will work.

 

For more information 

  1. https://docs.automationanywhere.com/bundle/enterprise-v2019/page/enterprise-cloud/topics/deployment-planning/on-prem-install/cr-self-signed-certificate-java-credential-store.html
  2. https://docs.automationanywhere.com/bundle/enterprise-v2019/page/enterprise-cloud/topics/deployment-planning/on-prem-install/cloud-config-control-room-https-import-cert.html
     
Khaled Mostafa - Automation Anywhere MVP - IA SDM
rbkadiyam
Premier Pathfinder | Tier 7
Forum|alt.badge.img+17
  • rbkadiyam
  • Premier Pathfinder | Tier 7
  • 625 replies
  • April 4, 2025

@Soky  here is the process to extract .cer file from .pfx using openssl 

openssl pkcs12 -in input.pfx -out mycerts.crt -nokeys -clcerts
openssl x509 -inform pem -in mycerts.crt -outform der -out mycerts.cer

 

Other process is :

download directly from your certificate generation portal like venafi - instead of .pfx you can select .cer format as well 

 

 

 

Ramesh B Kadiyam


Terms & ConditionsCookie settingsAccessibility statement