Help
  • Explore Community
  • Get Started
  • Ask the Community
  • How-To & Best Practices
  • Contact Support
Notifications
Login / Register
Community
Community
Notifications
close
  • Forums
  • Knowledge Center
  • Events & Webinars
  • Ideas
  • Blogs
Help
Help
  • Explore Community
  • Get Started
  • Ask the Community
  • How-To & Best Practices
  • Contact Support
Login / Register
Sustainability
Sustainability

Ask Me About Webinar: Data Center Assets - Modeling, Cooling, and CFD Simulation
Join our 30-minute expert session on July 10, 2025 (9:00 AM & 5:00 PM CET), to explore Digital Twins, cooling simulations, and IT infrastructure modeling. Learn how to boost resiliency and plan power capacity effectively. Register now to secure your spot!

Error importing cert, code: -32

APC UPS Data Center & Enterprise Solutions Forum

Schneider, APC support forum to share knowledge about installation and configuration for Data Center and Business Power UPSs, Accessories, Software, Services.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
  • Home
  • Schneider Electric Community
  • APC UPS, Critical Power, Cooling and Racks
  • APC UPS Data Center & Enterprise Solutions Forum
  • Error importing cert, code: -32
Options
  • Mark Topic as New
  • Mark Topic as Read
  • Float this Topic for Current User
  • Bookmark
  • Subscribe
  • Mute
  • Printer Friendly Page
Invite a Co-worker
Send a co-worker an invite to the portal.Just enter their email address and we'll connect them to register. After joining, they will belong to the same company.
You have entered an invalid email address. Please re-enter the email address.
This co-worker has already been invited to the Exchange portal. Please invite another co-worker.
Please enter email address
Send Invite Cancel
Invitation Sent
Your invitation was sent.Thanks for sharing Exchange with your co-worker.
Send New Invite Close
Top Experts
User Count
BillP
Administrator BillP Administrator
5060
voidstar_apc
Janeway voidstar_apc
196
Teken
Spock Teken
116
Erasmus_apc
Sisko Erasmus_apc
112
View All

Invite a Colleague

Found this content useful? Share it with a Colleague!

Invite a Colleague Invite
Solved Go to Solution
Back to APC UPS Data Center & Enterprise Solutions Forum
Solved
BillP
Administrator BillP Administrator
Administrator

Posted: ‎2021-07-01 01:47 AM . Last Modified: ‎2024-03-06 12:13 AM

0 Likes
11
2447
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2021-07-01 01:47 AM . Last Modified: ‎2024-03-06 12:13 AM

Error importing cert, code: -32

I am trying to import an ssl certificate signed by my enterprise PKI and keep getting the following error when I try to import the signed cert:

Error importing cert, code: -32

I am using the APC Sercurity Wizard Version 1.04 and following the instructions listed here: http://mikeshellenberger.wordpress.com/2010/05/19/issuing-ssl-certificates-to-apc-devices-from-micro...

Has anyone have success getting past this error?

Labels
  • Labels:
  • UPS Management Devices & PowerChute Software
Reply

Link copied. Please paste this link to share this article on your social media post.

  • All forum topics
  • Previous Topic
  • Next Topic

Accepted Solutions
Anonymous user
Not applicable

Posted: ‎2021-07-01 01:48 AM . Last Modified: ‎2024-03-06 12:12 AM

0 Likes
0
2446
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2021-07-01 01:48 AM . Last Modified: ‎2024-03-06 12:12 AM

As of 1/29/2018, APC has NOT corrected any of the issues detailed above and with wild card certificates on their Network Management Card 2.  I used the latest (as of 1/2018) card firmware v6.5.0 and the latest APC Security Wizard 1.04.  I opened a ticket with APC.  APC support didn't know anything about the special tool that would allow for wild card certificates mentioned above.  With the APC Security Wizard 1.04 you can create a self signed certificate using 'CA Root Certificate', then 'SSL Server Certificate' (use a different Common Name).  Install the self signed certificate on to the Management Card 2 by going to Configuration | Network | Web | SSL Certificate.  The self signed certificate isn't a great work around.  Also the web certificate won't work for SSL/TLS encrypted emails.  You need to install an additional email certificate and appears self signed certificates won't work here.

APC really need to put some effort into securing their Network Management 2 cards and providing better documentation.  At least with the new firmware SNMPv3 is supported.

See Answer In Context

Reply

Link copied. Please paste this link to share this article on your social media post.

Replies 11
Anonymous user
Not applicable

Posted: ‎2021-07-01 01:47 AM . Last Modified: ‎2024-03-06 12:13 AM

0 Likes
0
2446
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2021-07-01 01:47 AM . Last Modified: ‎2024-03-06 12:13 AM

hi

I do like to check does it mean that the APC wizard can only support SSL cert. generated from the web server template? I'm trying to create a cert. using my only CA template which is 2048 bit and the cert. is required to be at least 4 years. and keep getting the error 32. Is there any other way of creating a cert. using my own CA template or is there a min. requirement for the CA template that was accepted by the wizard.

I did try create a cert. which is 2048 bit with the web server template which work but fail again when trying to upload it to the device.

I'm using the AP7723 rack ATS.
security wizard tool version 1.04


Thanks in advance .

soong 🙂

Reply

Link copied. Please paste this link to share this article on your social media post.

BillP
Administrator BillP Administrator
Administrator

Posted: ‎2021-07-01 01:48 AM . Last Modified: ‎2024-03-06 12:13 AM

0 Likes
0
2446
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2021-07-01 01:48 AM . Last Modified: ‎2024-03-06 12:13 AM

AP7723 has an older NMC1 inside of it. NMC1 devices only support up to 1024 bits. So, you are trying to upload an unsupported bit size to this device to begin with.

Only NMC2 devices support 1024 or 2048 bit.

our tool supports creating certificate signing requests which then you could provide the certificate signing request to your CA and then import it back via the security wizard.

Reply

Link copied. Please paste this link to share this article on your social media post.

Anonymous user
Not applicable

Posted: ‎2021-07-01 01:48 AM . Last Modified: ‎2024-03-06 12:13 AM

0 Likes
0
2446
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2021-07-01 01:48 AM . Last Modified: ‎2024-03-06 12:13 AM

Hi,

thanks for the reply,

I do like to check is there any way i can get the official information that "the 7723 had an old NMC1 card that support only 1024 bit", as i browse through the device spec.

regarding the CA template does it mean that the tools only generate base on the CA web template?

Regards
Soong

Reply

Link copied. Please paste this link to share this article on your social media post.

BillP
Administrator BillP Administrator
Administrator

Posted: ‎2021-07-01 01:48 AM . Last Modified: ‎2024-03-06 12:13 AM

0 Likes
0
2446
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2021-07-01 01:48 AM . Last Modified: ‎2024-03-06 12:13 AM

here is the document that talks about key sizes: http://www.apcmedia.com/salestools/VAVR-5ZJSVU_R2_EN.pdf

i am also not sure what you mean by "regarding the CA template does it mean that the tools only generate base on the CA web template?" - i can tell you what our APC Security Wizard does but I am not sure about your own CA root authority.

Reply

Link copied. Please paste this link to share this article on your social media post.

Anonymous user
Not applicable

Posted: ‎2021-07-01 01:48 AM . Last Modified: ‎2024-03-06 12:12 AM

0 Likes
0
2446
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2021-07-01 01:48 AM . Last Modified: ‎2024-03-06 12:12 AM

I operate a (bogus) local root authority and use it with the APC cards. In fact, the lack of support for wildcard certificates (*.example.com) was the original impetus for setting up the local root authority, since I didn't want to pay per card for dozens of cards. Here's the relevant snippets of my internal documentation, sanitized by removing identifying info. Note that it is written in a rather snarky tone, as I was feeling snarky when I wrote it...

For some reason the forum mis-displays the text I pasted, so I'll attach it as a file.

Message was edited by: Terry Kennedy

Attachments
Reply

Link copied. Please paste this link to share this article on your social media post.

BillP
Administrator BillP Administrator
Administrator

Posted: ‎2021-07-01 01:48 AM . Last Modified: ‎2024-03-06 12:12 AM

0 Likes
0
2446
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2021-07-01 01:48 AM . Last Modified: ‎2024-03-06 12:12 AM

on a case by case basis, we are able to support wild card certificates with a special tool.

Reply

Link copied. Please paste this link to share this article on your social media post.

Anonymous user
Not applicable

Posted: ‎2021-07-01 01:48 AM . Last Modified: ‎2024-03-06 12:12 AM

0 Likes
0
2446
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2021-07-01 01:48 AM . Last Modified: ‎2024-03-06 12:12 AM

It would be good if this was noted somewhere - I went through this whole mess here 3.5 years ago...

Reply

Link copied. Please paste this link to share this article on your social media post.

BillP
Administrator BillP Administrator
Administrator

Posted: ‎2021-07-01 01:48 AM . Last Modified: ‎2024-03-06 12:12 AM

0 Likes
0
2446
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2021-07-01 01:48 AM . Last Modified: ‎2024-03-06 12:12 AM

we handle it on a case by case basis. initially a new firmware was created for certain users with thousands of devices but i think the next public revision of the APC security wizard will advertise this. the tool is not public just yet though but I have a copy.

Reply

Link copied. Please paste this link to share this article on your social media post.

BillP
Administrator BillP Administrator
Administrator

Posted: ‎2021-07-01 01:48 AM . Last Modified: ‎2024-03-06 12:12 AM

0 Likes
0
2446
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2021-07-01 01:48 AM . Last Modified: ‎2024-03-06 12:12 AM

this refers to unrecognized data format - this relates to step 5 on the link you provided.

did you see the blurb at the bottom of that web page from the author?

I ran into some strange issues when duplicating the “Web Server” template on my CA and attempting to sign certifcates with it. The CA would sign them successfully but the APC Security Wizard would error out during the import process with an error -32 . I spent a few hours playing with this but was unable to find a solution other then just using the Web Server template.+

Reply

Link copied. Please paste this link to share this article on your social media post.

BillP
Administrator BillP Administrator
Administrator

Posted: ‎2021-07-01 01:48 AM . Last Modified: ‎2024-03-06 12:12 AM

0 Likes
0
2446
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2021-07-01 01:48 AM . Last Modified: ‎2024-03-06 12:12 AM

That did it!

I should have read that blurb a little more closely. It should be noted that the default webserver template does not seem to allow me to add a Subject Alternative Name to the certificate. This would be nice to allow me to access the device using NETBIOS name and FQDN without certificate errors.

Reply

Link copied. Please paste this link to share this article on your social media post.

Anonymous user
Not applicable

Posted: ‎2021-07-01 01:48 AM . Last Modified: ‎2024-03-06 12:12 AM

0 Likes
0
2447
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2021-07-01 01:48 AM . Last Modified: ‎2024-03-06 12:12 AM

As of 1/29/2018, APC has NOT corrected any of the issues detailed above and with wild card certificates on their Network Management Card 2.  I used the latest (as of 1/2018) card firmware v6.5.0 and the latest APC Security Wizard 1.04.  I opened a ticket with APC.  APC support didn't know anything about the special tool that would allow for wild card certificates mentioned above.  With the APC Security Wizard 1.04 you can create a self signed certificate using 'CA Root Certificate', then 'SSL Server Certificate' (use a different Common Name).  Install the self signed certificate on to the Management Card 2 by going to Configuration | Network | Web | SSL Certificate.  The self signed certificate isn't a great work around.  Also the web certificate won't work for SSL/TLS encrypted emails.  You need to install an additional email certificate and appears self signed certificates won't work here.

APC really need to put some effort into securing their Network Management 2 cards and providing better documentation.  At least with the new firmware SNMPv3 is supported.

Reply

Link copied. Please paste this link to share this article on your social media post.

Preview Exit Preview

never-displayed

You must be signed in to add attachments

never-displayed

 
To The Top!

Forums

  • APC UPS Data Center Backup Solutions
  • EcoStruxure IT
  • EcoStruxure Geo SCADA Expert
  • Metering & Power Quality
  • Schneider Electric Wiser

Knowledge Center

Events & webinars

Ideas

Blogs

Get Started

  • Ask the Community
  • Community Guidelines
  • Community User Guide
  • How-To & Best Practice
  • Experts Leaderboard
  • Contact Support
Brand-Logo
Subscribing is a smart move!
You can subscribe to this board after you log in or create your free account.
Forum-Icon

Create your free account or log in to subscribe to the board - and gain access to more than 10,000+ support articles along with insights from experts and peers.

Register today for FREE

Register Now

Already have an account? Login

Terms & Conditions Privacy Notice Change your Cookie Settings © 2025 Schneider Electric

This is a heading

With achievable small steps, users progress and continually feel satisfaction in task accomplishment.

Usetiful Onboarding Checklist remembers the progress of every user, allowing them to take bite-sized journeys and continue where they left.

of