Error "SSL server auth flag or digital signature/key encipherment flag is not set in the Certificate".

Description

The error, "SSL server auth flag or digital signature/key encipherment flag is not set in the Certificate", is normally seen when you select the imported local certificate on the Firewall certificate selection Page for firewall management.

Image

Image


Cause

If the wrong certificates templates like EPS, Key Recovery Agent, or Exchange user are selected during the validation, this will give us the above-mentioned error message, as these templates support only Encryption and not Digital Signatures.

Resolution

1. After the CSR request is generated on the firewall, while validating the CSR request on the Internal Server, there would be an option to select the Certificate template and make sure you choose a template as "WebServer", this template supports both Encryption and Digital signatures.

Image

2. Below is the Article for reference which gives detailed information about certificate templates:-

https://forsenergy.com/en-us/certtmpl/html/e6868771-654b-44fd-9853-7cbdd9174f47.htm


Related Articles

  • SSH password authentication fails after OpenSSH upgrade
    Read More
  • Where can I download SonicWall stencils?
    Read More
  • Configuring High Availability Monitoring settings
    Read More

Categories

Firewalls
NSa Series
Firewalls
NSsp Series
Firewalls
NSv Series
Firewalls
SonicWall SuperMassive 9000 Series
Firewalls
TZ Series
not finding your answers?
Ask the Community
Chat