Import certificate (signed by CA) - unable to get local issuer certificate

[zeropage]

Hi their.

I operate my own CA, imported in OPNsense and would like to use a certificate for OpenVPN Server. I have taken the following steps:

• I imported the certificate of my CA into OPNsense (System: Trust: Authorities)
• Created a CSR for a leaf certificate in OPNsense (System: Trust: Certificates)
• Signed the CSR with my intermediate CA.
• Opened the CSR for editing in OPNsense and inserted the PEM data of the certificate.
• When I try to save the new certificate, I get the error message "Invalid X509 certificate provided: error 20 at 0 depth lookup: unable to get local issuer certificate".

Unfortunately, the list of certificates shows "self-signed" in the "Issuer" column instead of the name of my CA. I cannot select my CA in OPNsense, either when creating the CSR or when importing. The problem is becoming somewhat urgent because I only have 4 days left to replace the certificate that was imported in the same way 3 years ago with a new one. Thanks in advance!

[viragomann]

Save the private key of the CSR. Then remove the CSR and import a new certificate by inserting the cert data and the private key.

[zeropage]

Save the private key of the CSR. Then remove the CSR and import a new certificate by inserting the cert data and the private key.

Thank you, that helps me a lot.