Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3214
Views
13
Helpful
11
Replies

Expressway Server Certificate Invalid

romy kurniawan
Level 1
Level 1

‎09-06-2022 08:14 PM

I am Trying to upload Server Certificate for Expressway  E, but i am getting below Error message:

Invalid certificate: Unrecognized CA. This certificate is not currently trusted by the Expressway. This is because the CA certificate is not in the trust store.

romykurniawan_0-1662519348764.png

i have uploaded CA root certificate to Trusted root certificate.

 

0 Helpful
11 Replies 11

b.winter
VIP
VIP

‎09-07-2022 01:42 AM

What's the CN of the CA?
Is it only a Root CA or also a Intermediate CA?
Can you make a screenshot of the CA page of expressway?

0 Helpful

romy kurniawan
Level 1
Level 1
In response to b.winter

‎09-07-2022 02:01 AM

CN = DigiCert Global Root CA

I get root CA and inter CA. I uploaded both of them on Trusted CA Certificate

romykurniawan_1-1662541069394.png

These are certificate i got from Digicert

romykurniawan_2-1662541205995.png

 

0 Helpful

b.winter
VIP
VIP
In response to romy kurniawan

‎09-07-2022 02:27 AM

Can you open the expressway cert and go to "Details" and make a screenshot of the "issuer" and "enhanced key usage"?

0 Helpful

romy kurniawan
Level 1
Level 1
In response to b.winter

‎09-07-2022 02:38 AM

These are the screenshoot of expressway cert issuer and enhanced key usage

romykurniawan_0-1662543297418.pngromykurniawan_1-1662543386663.png

 

0 Helpful

b.winter
VIP
VIP
In response to romy kurniawan

‎09-07-2022 03:07 AM

Have you tried to export the CA's from the expressway cert and upload those certs into expressway?
In the expressway cert go to "certification path" and export the CA's.

Maybe a reboot helps too. Looks a bit weird.

romy kurniawan
Level 1
Level 1
In response to b.winter

‎09-07-2022 08:37 PM

thanks, after export the CA's from expressway cert and upload it to trusted CA certificate, i can upload the expressway cert into server certificate.

romykurniawan_0-1662608204611.png

 

0 Helpful

b.winter
VIP
VIP
In response to romy kurniawan

‎09-07-2022 10:37 PM

Glad to hear that.
Maybe something was wrong with the CA's which you got. Whereas, if you export them from the certificate, normally is the safest way to get the "correct" CA's.

Would appriciate it to get one of my replies marked as the solution ':)'

dgonzalez1
Level 1
Level 1
In response to b.winter

‎07-07-2023 10:05 AM

This tip also worked for me. In my case there was an intermediate certificate between the CA and the server ones that was missing.

Thank you!

0 Helpful

faizzakiICS
Level 1
Level 1
In response to b.winter

‎10-13-2023 05:03 PM

this worked for my issue as well, thanks for the help

0 Helpful

mustanali
Level 1
Level 1
In response to b.winter

‎12-06-2023 05:02 AM

hello,

I am receiving the same error. how to export the CA certificate. I cannot see any export option.

0 Helpful

b.winter
VIP
VIP
In response to mustanali

‎12-06-2023 05:12 AM

How to export a CA certificate from a .cer file is nothing cisco specific. You could have used google for that:
https://learn.microsoft.com/en-us/azure/application-gateway/mutual-authentication-certificate-management

Section: "Export CA certificate(s) from the public certificate"

0 Helpful
Customers Also Viewed These Support Documents