Error “Could not import the certificate” when uploading external SSL certificate to Citrix Endpoint Management console

To repackage the certificate keystore, rebuild the keystore using the old one.

1. Extract Private key from the old keystore to private-key.pem

openssl pkcs12 -in <oldkeystorefile>.pfx -nocerts -out private-key.pem -nodes

2. Extract the certificate to certificate.pem

openssl pkcs12 -in <oldkeystorefile>.pfx -nokeys -out certificate.pem

3. Open certificate.pem in a text editor

Copy 1st Certificate from “—-BEGIN CERTIFICATE—–” to “—–END CERTIFICATE—–” to file called ssl_cert.pem

Copy next 2 or more certificates from “—-BEGIN CERTIFICATE—–” to “—–END CERTIFICATE—–” to file called ssl_intermediateandroot.pem

4. Verify ssl cert.

openssl x509 -text -noout -in ssl_cert.pem

5. Verify certificate chain.

openssl x509 -text -noout -in ssl_intermediateandroot.pem

6. Export combined pfx file

openssl pkcs12 -export -out ssl_cert_with_full_chain.pfx -inkey private-key.pem -in ssl_cert.pem -certfile ssl_intermediateandroot.pem

Note: This step will ask for a password.


  • No Related Posts

Modulus Unveils AI-Enhanced Blockchain Host of Services


This morning, Modulus, a US-based developer of ultra-high-performance trading and surveillance technology that powers global equities, derivatives, and digital asset exchanges, announced that it has released its groundbreaking Blockchain-as-a-Service offering, an enterprise blockchain for decentralized verification and tracking, featuring cutting-edge AI-based capabilities. Utilizing decentralized blockchain authentication, clients are enabled to prove the origin, authenticity, and integrity of any product or service via immutable digital records that can be accessed and independently verified from across the globe.

“Traditional enterprise blockchain technology creates a cost-efficient framework for supply chain transparency, but the Modulus solution is much more than that,” explained Richard Gardner, CEO of Modulus. “Modulus enhances the typical components of blockchain-based authentication with the addition of its patent-pending artificial intelligence technologies, blending a mix of image recognition and other types of bio-inspired AI together with blockchain technology.

Traditional blockchain-based authentication utilizes a hashing algorithm, which ably handles computer files and documents, but little else. The Modulus solution offers greater real-world application, competently handling the storage of images, video, and audio, storing encrypted data in a secure, immutable Hyperledger blockchain, which may be independently audited and verified at any time.

“The Modulus Blockchain is perfect for proof of product origin, product authenticity, product tracking and delivery verification, service completion verification, security applications, accident investigations, and much more, as immutable evidence is recorded along with timestamps,” explained Gardner. “Most solutions can verify that a document is signed at a particular time. Our solution can verify that a distinct event happened at an exact time, by a specific person in a particular location. It really is next generation verification in every sense of the concept.”

The Modulus AI Blockchain Verification System is a hosted Blockchain-as-a-Service offering, with its AI-based image recognition system being hosted on custom hardware powered by IBM Power9 microprocessors. The system hosts FPGA-based deep learning convolutional neural networks that perform image recognition in real-time before sending processed data to the Hyperledger blockchain.

“The Modulus System requires little input from our clients. It works without cryptocurrencies, blockchain tokens, or cryptocurrency nodes. They need not even build out and develop their own app. Instead, our solution works with any smartphone, and it can be integrated into Amazon, Shopify, and other e-commerce platforms,” noted Gardner.

Modulus is known throughout the financial technology segment as a leader in the development of ultra-high frequency trading systems and blockchain technologies. Over the past twenty years, the company has built a client list which includes NASDAQ, Goldman Sachs, Merrill Lynch, JP Morgan Chase, Bank of America, Barclays, Siemens, Shell, Yahoo!, Microsoft, Cornell University, and the University of Chicago.

Real World Applications

• Reduces refunds, eliminates chargebacks, and mitigates costly litigation.

• Allows consumers to verify, solely by scanning a code on their smartphone without using an app, that the merchandise in front of them is authentic.

• Provides corporations with additional capabilities to manage their supply chains and eliminate inefficiencies.

• Allows easy verification of negative COVID test results.

• Guarantees the authenticity of emails, websites, and legal documents.

• Verifies that a service was performed or that a product was delivered.

Disclaimer: News Ghana is not responsible for the reportage or opinions of contributors published on the website.

Send your news stories to [email protected] and via WhatsApp on +1-508-812-0505


  • No Related Posts

Unable to use TLS/SSL LDAP Auth after ADM upgrade to latest build 13.0-71.40 – TLS Handshake fails with “Unknown CA”

Permanent fix provided in next build ADM 13.0-76.xx and above.

Workaround ::


Execute one of these commands in ADM CLI to overwrite Certificate attribute retrieval faulty code. Customers can keep the existing LDAP Settings, no need to change anything. External authentication should work correctly now over SSL/TLS Security.


LDAPTLS_REQCERT=never ldapsearch -D CN=[service_account],CN=users,DC=lab,DC=com -H ldaps://[ldap_ip]:636 -b DC=lab,DC=com -Z -A -o nettimeout=3 -w [passwd]


LDAPTLS_REQCERT=never ldapsearch -D CN=[service_account],CN=users,DC=lab,DC=com -H ldap://[ldap_ip]:389 -b DC=lab,DC=com -Z -A -o nettimeout=3 -w [passwd]

Customers can safely proceed and configure LDAP server with security type TLS/SSL. There wouldn’t be any impact.


  • No Related Posts

SSL Error 76: “The security certificate was revoked” When Launching an Application Using NetScaler Gateway

SSL error 76 occurs when a certificate is revoked and it is part of a Certificate Revocation List (CRL). If the revoked certificate is still in use, the ICA client displays this error.

However, even after replacing the certificate with a valid one, the error could still occur. This might happen because of cached CRLs in the user’s profile or machine cache that still identify the certificate as revoked.


  • No Related Posts

“Missing Root Certificate” While Launching StoreFront Management Console In Versions 3.0.1000 & 3.0.2000

When launching the StoreFront management console released with LTSR 7.6 Cumulative Update 1 or 2, the following error is displayed in the console:

“The management console is unavailable because a root certificate is missing. Go to VeriSign and download the certificate VeriSign class 3 Primary CA – G5”

StoreFront missing root certificate error


  • No Related Posts