Issue
The certificate and private key uploaded is incompatible with the associated application. Either:
- The private key uploaded was not used to sign the certificate,
- The private key is not in PKCS#8 format (e.g. starts with BEGIN PRIVATE KEY as opposed to BEGIN RSA PRIVATE KEY), and/or
- The certificate was not uploaded to the Azure portal.
Resolution
- Regenerate the certificate and private key.
> openssl genrsa -out tempprivatekey.key 2048
> openssl pkcs8 -topk8 -inform PEM -outform PEM -in tempprivatekey.key -out privatekey.key -nocrypt
> openssl req -new -key privatekey.key -out request.csr
> openssl x509 -req -days 365 -in request.csr -signkey privatekey.key -out certificate.crt - Upload the certificate to the associated Azure application. Navigate to App Registrations and click on your created application. Then, under Manage, navigate to Certificates & secrets and upload the certificate (certificate.crt)
- Reupload the certificate and private key to Glean.
If you are still having difficulty with setup, please reach out to support@glean.com.