Brother MFD PKCS#12 file is too large

While trying to update the HTTPS/TLS certificate on my Brother MFD, I got the following error:

The size of PKCS#12 file is too large.

I’m using a Let’s Encrypt-generated certificate and had packaged the full chain.

The fix I found was to just use the end cert. I generated it using this command, on a box where I generate my cert for this printer with certbot:

sudo openssl pkcs12 -export -out ~/brother.pfx \
    -inkey /etc/letsencrypt/live/brother.example.com/privkey.pem \
    -in /etc/letsencrypt/live/brother.example.com/cert.pem

One day I’ll automate the upload, but they randomize the login form, use CSRF and have a few other protections that make it surprisingly complicated. Woo, security?

I did have to giggle at DuckDuckGo’s ad when searching for the error…

I guess that's a problem for people with .... big certificates?



#brother #security #errors #howto