topic Re: ISE import CA signed certificate - path validation failed in Wireless

ISE import CA signed certificate - path validation failed

jheuke007 — Mon, 05 Jul 2021 18:33:12 GMT

Hi,

when importing/ binding CA signed certificate (multi-use) to ISE I receive the error "certificate path validation failed. Make sure required certificate chain is imported under trusted certificates".

As we don't have a cert chain - I've only importet the Root CA cert. into the trusted certificates store.

Currently I'm on ISE 2.4.0.357

Am I missing something important here?

Thanks a lot!

Re: ISE import CA signed certificate - path validation failed

pieterh — Fri, 17 Jan 2020 08:50:51 GMT

did you follow this document (or other ISE version)?

are you sure no intermediate CA is involved ? if so you may need to import this also in the trusted store

Re: ISE import CA signed certificate - path validation failed

dbogdan — Tue, 09 Feb 2021 20:39:56 GMT

Not sure anyone is reading this one anymore because it's old. I had the same issue and found that the Root certificate for the CA was missing. We use GlobalSign and it wasn't there. Once I imported their root cert, and their intermediate cert I was able to bind. I hope that helps anyone looking for an answer here.

Re: ISE import CA signed certificate - path validation failed

eddcabal — Mon, 05 Dec 2022 22:34:03 GMT

Adding to this error, ran into same issue with internal MSFT PKI (Root + Sub). Had to import both CA certs which doesn't make sense but my guess is it because the ISE server doesn't know or trust either CA's during and after import

Re: ISE import CA signed certificate - path validation failed

Scott Fella — Tue, 06 Dec 2022 06:02:37 GMT

I have always imported the full chain even if there are multiple intermediate CA’s.