Property x5c has invalid value X5C must has at least one valid item

Question

got the error while merging the certificate in azure key vault but when we tried to merge by removing the intermediate root and certificate chain from .cer file that works. Any idea what caused to merge certificate task.

Answer 1

@Sukant Virkud
Thank you for your post and I apologize for the delayed response!

I found a few internal support requests where other customers ran into the same issue. I'll share the solution below to hopefully help point you in the right direction.

Error Message: Property x5c has invalid value X5C must has at least one valid item

Root cause:
Depending on your Certificate's Header and Footer you might see something similar to the below.

-----BEGIN PKCS7-----   
Certificate Info  
-----END PKCS7-----  

According to our engineering team, Certificates with a Header/Footer similar to this worked previously because the portal removed the header and footer from the certificate, and only sent the certificate body in the request to the AKV backend. However, due to a recent change the Azure Portal was updated to support merging the certificate with its chain, which requires sending everything from the certificate, including the header and footer.

Solution:
Due to this change, you'll have to now use the Begin/End Certificate Header/Footer in order to merge your certificate. For more info.

-----BEGIN CERTIFICATE-----   
-----END CERTIFICATE-----  

If you have any other questions or are still having issues with this, please let me know.
Thank you for your time and patience throughout this issue.

----------

Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.