https://community.cisco.com/t5/network-access-control/cisco-ise/m-p/5361191#M599539 <P>Hello,</P><P>I need to renew a certificate that is expiring soon, which is used for Admin access, EAP authentication, and RADIUS DTLS.<BR />This certificate is signed by our internal certification authority.</P><P>I generate a CSR and sign it with our certification authority, but when I attempt to bind the certificate using the Bind button, the following error is displayed:&nbsp;<SPAN>Certificate path validation failed. Make sure required Certificate Chain is imported under Trusted Certificates.</SPAN></P><P>Of course, both our subordinate CA and root CA are uploaded in the Trusted Certificates store.We are running version 2.6.0.156.<BR />Am I missing something?</P> Wed, 14 Jan 2026 13:38:42 GMT CARGO 2026-01-14T13:38:42Z https://community.cisco.com/t5/network-access-control/cisco-ise/m-p/5361191#M599539 <P>Hello,</P><P>I need to renew a certificate that is expiring soon, which is used for Admin access, EAP authentication, and RADIUS DTLS.<BR />This certificate is signed by our internal certification authority.</P><P>I generate a CSR and sign it with our certification authority, but when I attempt to bind the certificate using the Bind button, the following error is displayed:&nbsp;<SPAN>Certificate path validation failed. Make sure required Certificate Chain is imported under Trusted Certificates.</SPAN></P><P>Of course, both our subordinate CA and root CA are uploaded in the Trusted Certificates store.We are running version 2.6.0.156.<BR />Am I missing something?</P> Wed, 14 Jan 2026 13:38:42 GMT https://community.cisco.com/t5/network-access-control/cisco-ise/m-p/5361191#M599539 CARGO 2026-01-14T13:38:42Z https://community.cisco.com/t5/network-access-control/cisco-ise/m-p/5361204#M599543 <P>Without seeing certs not exactly sure, but at our org they recently updated the sub cert, so make sure if they have updated the sub or rootCA cert you import those.&nbsp;</P> Wed, 14 Jan 2026 14:04:32 GMT https://community.cisco.com/t5/network-access-control/cisco-ise/m-p/5361204#M599543 Dustin Anderson 2026-01-14T14:04:32Z https://community.cisco.com/t5/network-access-control/cisco-ise/m-p/5361235#M599544 <P>Yes, you are right — the issuing CA was updated and I wasn’t aware of it.<BR />Thank you very much.</P> Wed, 14 Jan 2026 16:18:50 GMT https://community.cisco.com/t5/network-access-control/cisco-ise/m-p/5361235#M599544 CARGO 2026-01-14T16:18:50Z https://community.cisco.com/t5/network-access-control/cisco-ise/m-p/5361269#M599545 <P>Glad it worked, now the other fun is do devices have the new cert. We ran into devices not trusting ISE for auth since it was now signed with the new cert authority it didn't trust. Just something to watch for if devices stop 802.1x.&nbsp;</P> Wed, 14 Jan 2026 17:08:14 GMT https://community.cisco.com/t5/network-access-control/cisco-ise/m-p/5361269#M599545 Dustin Anderson 2026-01-14T17:08:14Z