Adding a Root CA Certificate to Truststore, or Including Root CA Certificate in End Entity Certificate Replacement Chain of Trust Fails With "exception.ssl.certificate.import.name.root.ca.collision" (KBA10067)
KBA
KBA# 10067
Issue
When replacing an end-entity SSL certificate for HTTPS or DSP, the chain of trust must be established by providing the root and intermediate certificate authority (CA) certificates in the Engine truststore. During this process, a failure may be encountered with the error code exception.ssl.certificate.import.name.root.ca.collision:
Adding intermediate signing CA certificates are not expected to encounter this issue.
Attempting to install end-entity certificate and intermediate signing CA certificate will fail with exception.ssl.certificate.chain.incomplete.
Prerequisites
Providing a well-known root CA certificate (Verisign, DigiCert, etc).
Applicable Delphix Versions
- Click here to view the versions of the Delphix engine to which this article applies
-
Date Release Apr 13, 2023 10.0.0.0, 10.0.0.1
Resolution
This error is caused by a known issue only in Delphix 10.0.0.0 and 10.0.0.1.
Upgrading the Engine to 11.0.0.0 or higher will resolve the issue, and the CA certificate can be successfully installed.
Related Articles
The following articles may provide more information or related information to this article:
- Delphix Documentation - Customer Provided Key Pair Configuration
- Delphix Documentation - Delphix Provided Key Pair Configuration