Hello there
I'm Using Minemeld version 0.9.68 (Ubuntu) PA version 8.1.12 I'm attempting to install a PA cert on the MineMeld server using this guide:
https://live.paloaltonetworks.com/t5/minemeld-articles/how-to-generate-new-minemeld-https-cert/ta-p/101331
BTW - I'm using a Windows machine, and I use putty to SSH into the MineMeld server.
I have no problem exporting the cert (it gets saves as a .txt file in windows). However this is where my luck ends.
Step 4 says "The pem file that you generated will have both the private and public key so you need to split the two. This is how I did it, you may have a better way. The file is readable so you can copy and paste the sections into two different files or use the CLI commands:
[minemeld ~]$ cat cert_minemeld.pem | awk 'split_after==1{n++;split_after=0} /---- -END CERTIFICATE-----/ {split_after=1} {print > "minemeld" n ".cer"}'
This command does execute but it creates 2 .cer files with incorrect formatting.
So as a work around, I deleted these newly created files and instead used pico minemeld.cer to create a new file and paste the top part of the text file into it, and pico miemeld1.cer to paste the key part of the txt file into that.
Then..
[minemeld ~]$ sudo cp minemeld.cer /etc/nginx/minemeld.cer
This command works.
However, the next command does not:
[minemeld ~]$ sudo openssl rsa -in minemeld1.cer -out -out /etc/ngnix/minemeld/minemeld.pem
Ok - even when I remove one of the "-out" parameters, I get the following error:
unable to load Private Key 139786609165976:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:701:Expecting: ANY PRIVATE KEY
Any help would be greatly appreciated!
Cheers
Steve
... View more