Author Posts

February 9, 2017 at 4:24 pm

Hi all,
Not sure how many people are using Powershell in combination with PSPKI (https://pspki.codeplex.com), but I have a curious issue here.
I am using PSPKI to submit CSRs to our CA and issue them. Obviously, you can do the same with your certutil command.
One of our admins generated a CSR that I was able to successfully submit using the powershell script. I was able to give him a valid CER file, but he was unable to upload it into his applicance (error said: invalid file). I was able to open the CER on my PC, and could not find anything wrong with it. Using the very same CSR and pushing it through the certutil command, I am able to retrieve another CER file that can be installed on the appliance without any issues. When I open up both CER files on my computer, I am able to compare them, but I can't find any difference between the two.

Any ideas on how to troubleshoot that? PSPKI has been working fine without any issues so far.

Thanks.

February 16, 2017 at 2:54 pm

Sounds weird. I'd try to do a binary-level compare of the files to make sure there weren't any invisible characters or something. Like, are the two CER files exactly the same size, in bytes?