While trying to update the HTTPS/TLS certificate on my Brother MFD, I got the following error:
The size of PKCS#12 file is too large.
I’m using a Let’s Encrypt-generated certificate and had packaged the full chain.
The fix I found was to just use the end cert. I generated it using this command, on a box where I generate my cert for this printer with certbot:
sudo openssl pkcs12 -export -out ~/brother.pfx \
-inkey /etc/letsencrypt/live/brother.example.com/privkey.pem \
-in /etc/letsencrypt/live/brother.example.com/cert.pem
One day I’ll automate the upload, but they randomize the login form, use CSRF and have a few other protections that make it surprisingly complicated. Woo, security?
I did have to giggle at DuckDuckGo’s ad when searching for the error…
