I'm trying to import an RSA private key and X.509 server certificate into an ICX6450-C12-PD running FastIron 08.0.30u as follows:
(config)#ip ssl private-key-file tftp 220.127.116.11 key.pem
Downloading RSA private key file, please wait...
Download RSA certificate data file to create the certificate.
(config)#ip ssl certificate-data-file tftp 18.104.22.168 cert.pem
Downloading RSA certicate data file, please wait...
Creating certificate, please wait...
This consistently fails with error:
Cert import failed....Could not parse the PEM-encoded import data
Things I've tried:
- 2048-bit and 1024-bit RSA keys
- Encrypted and unencrypted keys
- SHA-256 and SHA-1 signatures
- v3 and v1 certificates
- Bare-minimum certificates without any extensions
- Subject Name fields matching Brocade defaults
- LF and CRLF line endings
- No line breaks at all
Is this feature even functional at all? Neither the Command Reference nor the Security Configuration Guide specify supported file formats, but my test cases have covered even the most legacy, compatible extremes without success.