Description: When installing GoDaddy Web SSL Certificates on your OpenVPN Access Server, you can face any of the below errors:
"Private Key Load Error Could not deserialize key data. The data may be in an incorrect format or it may be encrypted with an unsupported algorithm. (ValueError)"
"Certificate/Key Render Error 'NoneType' object has no attribute 'dump_privkey' (AttributeError)"
or
"SSL Context Error: 'ascii' codec can't encode character '\ufeff' in position 0: ordinal not in range(128) (UnicodeEncodeError)"
Below is an explanation of how to solve any of the above errors:
Resolution: Most of the time, GoDaddy produces private keys named "generated-private-key.txt" prefixed with "UTF-8-BOM", which causes this problem. The solution is to change this encoding from "UTF-8-BOM" to "UTF-8", save the file, and try to install the "generated-private-key.txt" again along with the CA Signed Certificate and CA Bundled Files.
Follow these steps:
+ If you're using Windows PC:
- Open the private key provided by GoDaddy named "generated-private-key.txt" with an app such as Notepad++.
- Go to "Encoding" and change that from "UTF-8-BOM" to "UTF-8" as below:
- Save the file and try to install the "generated-private-key.txt" again along with the CA Signed Certificate and CA Bundled Files.
+ If you're using MAC PC:
- Go to the MAC CMD.
- Locate the path/directory with the private key provided by GoDaddy named "generated-private-key.txt".
- Use the below command to check the file:
file generated-private-key.txt
If the output is "generated-private-key.txt: UTF-8 Unicode (with BOM) text", then it's using "UTF-8-BOM". - Convert the file to "UTF-8" with the below command:
tail -c +4 generated-private-key.txt > new-generated-private-key.txt
Where "new-generated-private-key.txt" is the new file with the correct encoding. - Verify the encoding with the below command:
file new-generated-private-key.txt
The output should be "new-generated-private-key.txt: PEM RSA private key." - Try to install the "generated-private-key.txt" again along with the CA Signed Certificate and CA Bundled Files.
If you have additional questions, please submit a ticket.
Comments
0 comments
Please sign in to leave a comment.