I have been on the phone with GoDaddy support at least 3 times, chatted twice, and I am still beating my head against the wall on this issue. We have a wildcard certificate provided by GoDaddy. Importing to IIS and most of our servers seems to work fine. When importing to our Nutanix Prism service it complains that the CA-Cert contains an SHA1 signature algorithm. I have been told to rekey and have done twice now with the same result. Support even went to the trouble of looking at the cert on our public website, which isn't using the wildcard cert (externally managed).
Here are the steps I have taken to reproduce:
1. Download the rekeyed certificate.
2. Import the Intermediate Certificates (gd-g2_iis_intermediates.p7b) into Windows Server 2019
3. Complete the CSR Request to import the cert into IIS (.crt file)
4. Export the certificate with private key into PKCS12 (.pfx) format
5. Run commands to get files that Nutanix Reads:
Nutanix fails import complaining "Import Files verification failed. Signature Algorithm in the CA is not
supported. Please select a valid CA and to include in TLS handshake."
And when I plug the first certificate in the cacerts.cer chain into the GoDaddy Certificate Decoder I see the issue:
Anyone have any thoughts about how to fix this issue or get GoDaddy to do so??
Solved! Go to Solution.