If attempting to use a Certificate Signing Request (CSR) generated outside of Safeguard.
If using CSR generated outside of Safeguard (e.g. from OpenSSL), then the certificate file that is imported must include the private key. The file should be in the PKCX#12 .PFX format.
If attempting to use a Safeguard generated Certificate Signing Request (CSR)
The certificate must be generated from the specific CSR file created by the Safeguard node. CSR files cannot be reused.
Delete any outstanding Certificate Signing Requests from Settings | Certificates | Certificate Signing Requests, then follow the below to create a new CSR