Forum Stats

  • 3,876,074 Users
  • 2,267,056 Discussions


PKI-04001: Invalid Certificate

I am trying to set up tcps connections using TLS 1.2

I am getting PKI-04001: Invalid Certificate when trying to install the user certificate.

I created a CSR with the oracle wallet

Create a certificate signing request

Do not use single quotes for spaces in -dn name

orapki wallet add -dn "CN=X99960AD01600V.UMPQ.UMPQUABANK.COM,OU=EIT - Cloud and Infrastructure Operations,O=Umpqua Bank,L=Hillsboro,ST=Oregon,C=US" -wallet /u01/app/oracle/wallet -keysize 2048 -pwd ********

I exported the CSR and sent it to my Cert Admin

He Provided a ROOT.cer, a INT.cer and the X99960AD01600V.pem created frpm the CSR

I installed the ROOT.cer and the INT.cer with no issues.

orapki wallet add -wallet "/u01/app/oracle/wallet" -pwd ************ -trusted_cert -cert "/etc/pki/ca-trust/source/anchors/ROOT.cer"

orapki wallet add -wallet "/u01/app/oracle/wallet" -pwd ************ -trusted_cert -cert "/etc/pki/ca-trust/source/anchors/INT.cer"

When I try to install the X99960AD01600V.pem as a user cert I receive the following error

orapki wallet add -wallet "/u01/app/oracle/wallet" -pwd *************** -user_cert -cert "/etc/pki/ca-trust/source/anchors/X99960AD01600V.pem"

Oracle PKI Tool Release - Production


Copyright (c) 2004, 2021, Oracle and/or its affiliates. All rights reserved.

PKI-04001: Invalid Certificate.

Could not install user cert at/etc/pki/ca-trust/source/anchors/X99960AD01600V.pem

Please add all trusted certificates before adding the user certificate

Please advise next steps