This issue occurs when renewing a certificate on Digicert, stage 500 Posting CSR to CA.
"The server committed a protocol violation. Section=ResponseHeader Detail=CR must be followed by LF"
Further investigation into this issue revealed that the response we receive from DigiCert is not understood by the server.
Reaching out to DigiCert resulted in this response:
This is being caused by Incapsula running on www.digicert.com. The quick workarounds are:
- Use “Set-UseUnsafeHeaderParsing -Enable” in PowerShell prior to invoking the API query
- Use api.digicert.com as the ingress point, instead of www.digicert.com
We have seen success by using the Following with Venafi:
- Create a file names VPlatform.exe.config
- Add the following content to the file
<httpWebRequest useUnsafeHeaderParsing="true" />
- Place the file in the following location:
- Then reset the Services for Venafi