topic Re: Is the Root CA to be added to trusted certs before creating CSR in Network Access Control

Is the Root CA to be added to trusted certs before creating CSR

NetworkMonkey101 — Tue, 28 Nov 2023 10:50:37 GMT

Hi all,

I created the CSR and had it signed. Following that I attempted to bind but got an error of "Certificate path validation failed. Make sure required Certificate Chain is imported under Trusted Certificates."

I have now added the Root CA to the trusted cert store within ISE but still get the same error. Should I have added the Root CA before generating the CSR? If so I will need to delete the CSRs and recreate now the Root CA is present?

Thanks

Re: Is the Root CA to be added to trusted certs before creating CSR

MHM Cisco World — Tue, 28 Nov 2023 11:22:14 GMT

Sorry this network device or client OS?

MHM

Re: Is the Root CA to be added to trusted certs before creating CSR

Rob Ingram — Tue, 28 Nov 2023 11:17:39 GMT

@NetworkMonkey101 no the root/intermediate certificate(s) do not need to be imported before generating the CSR, but they must be imported in to the "Trusted Certificates" before importing the signed certificate.