Issue: Digicert Protocol Violation "CR must be followed by LF"


This issue occurs when renewing a certificate on Digicert, stage 500 Posting CSR to CA.

"The server committed a protocol violation. Section=ResponseHeader Detail=CR must be followed by LF"


Further investigation into this issue revealed that the response we receive from DigiCert is not understood by the server.
Reaching out to DigiCert resulted in this response:

This is being caused by Incapsula running on The quick workarounds are:

  1. Use “Set-UseUnsafeHeaderParsing -Enable” in PowerShell prior to invoking the API query
  2. Use as the ingress point, instead of

Other Workarounds

We have seen success by using the Following with Venafi:

  • Create a file names VPlatform.exe.config
  • Add the following content to the file


<httpWebRequest useUnsafeHeaderParsing="true" /> 


  • Place the file in the following location:

C:\Program Files\Venafi\Platform

  • Then reset the Services for Venafi



Was this article helpful?
0 out of 0 found this helpful