Certmonger: SCEP request failing with error "failed to verify signature on server response"
Issue
- Certmonger request to SCEP server is failing with following error.
Oct 13 15:01:47 server1 certmonger[1376871]: -----BEGIN PKCS7-----
Oct 13 15:01:47 server1 certmonger[1376871]: MIIDFQYJKoZIhvcNAQcCoIIDBjCCAwICAQExCzAJBgUrDgMCGgUAMBAGCSqGSIb3
.
.
Oct 13 15:01:47 server1 certmonger[1376871]: 5WTShDD6lPLivoxRIzPjEZ0f4q4nbkwE9A==
Oct 13 15:01:47 server1 certmonger[1376871]: -----END PKCS7-----
Oct 13 15:01:47 server1 scep-submit[1376871]: error:03000098:digital envelope routines::invalid digest
Oct 13 15:01:47 server1 scep-submit[1376871]: error:10800069:PKCS7 routines::signature failure
Oct 13 15:01:47 server1 scep-submit[1376871]: error:10800069:PKCS7 routines::signature failure
Oct 13 15:01:47 server1 certmonger[575383]: 2023-10-13 15:01:47 [575383] Error: failed to verify signature on
server response. error:10800069:PKCS7 routines::signature failure
Environment
- Red Hat Enterprise Linux 9
- Certmonger
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.