Adding a Root CA Certificate to Truststore, or Including Root CA Certificate in End Entity Certificate Replacement Chain of Trust Fails With "exception.ssl.certificate.import.name.root.ca.collision" (KBA10067)

Last updated
Save as PDF
Share
1. Share
2. Tweet
3. Share

KBA

KBA# 10067

Issue

When replacing an end-entity SSL certificate for HTTPS or DSP, the chain of trust must be established by providing the root and intermediate certificate authority (CA) certificates in the Engine truststore. During this process, a failure may be encountered with the error code exception.ssl.certificate.import.name.root.ca.collision:

Adding intermediate signing CA certificates are not expected to encounter this issue.

Attempting to install end-entity certificate and intermediate signing CA certificate will fail with exception.ssl.certificate.chain.incomplete.

Prerequisites

Providing a well-known root CA certificate (Verisign, DigiCert, etc).

Applicable Delphix Versions

Click here to view the versions of the Delphix engine to which this article applies

Date	Release
Apr 13, 2023	10.0.0.0, 10.0.0.1

Resolution

This error is caused by a known issue only in Delphix 10.0.0.0 and 10.0.0.1.

Upgrading the Engine to 11.0.0.0 or higher will resolve the issue, and the CA certificate can be successfully installed.

The following articles may provide more information or related information to this article:

Delphix Documentation - Customer Provided Key Pair Configuration
Delphix Documentation - Delphix Provided Key Pair Configuration

KBA

Issue

Prerequisites

Applicable Delphix Versions

Resolution

Related Articles