cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
519
Views
0
Helpful
6
Replies
Enthusiast

Invalid certificate: Unrecognized CA. This certificate is not currently trusted by the Expressway. This is because the CA certificate is not in the trust store.

I am Trying to upload Server Certificate for Expressway C and E in my Test Environment, but i am getting below Error message:

Invalid certificate: Unrecognized CA. This certificate is not currently trusted by the Expressway. This is because the CA certificate is not in the trust store.

 

2019-10-10_223305.png

 

I was able to upload CA Root Certificate on C and E

 

2019-10-10_223305.png

 

and then tried to upload CRL List , but still couldn't upload C and E Server Certificate

My Deployment is : Windows 2012 acts as DNS/AD/CA and Expressway 8.10.4 with UCM 12.0

+++++++++++++++++++++++++++++++++++++++

I have followed the section : Enable AD CS to Issue"Client and Server Certificates

https://www.cisco.com/c/dam/en/us/td/docs/voice_ip_comm/expressway/config_guide/X8-10/Cisco-Expressway-Certificate-Creation-and-Use-Deployment-Guide-X8-10.pdf

 

CA Root Cert , CSR and Expressway C Signed Cert attached

I just attached it as .txt as its only allowed ext for attachments , change Certs to .CER to and certcrl to .crl

6 REPLIES 6
Hall of Fame Cisco Employee

Re: Invalid certificate: Unrecognized CA. This certificate is not currently trusted by the Expressway. This is because the CA certificate is not in the trust store.

SHA1 has been deprecated for quite some time, even VCS changed to SHA256 as the default for the CSRs back in 2015.

 

HTH

java

if this helps, please rate
Enthusiast

Re: Invalid certificate: Unrecognized CA. This certificate is not currently trusted by the Expressway. This is because the CA certificate is not in the trust store.

I have reinstalled CA Role with using SHA256 ,

Reissue the Certificate, but still getting same error message 

 

I am attaching Both CA and Expressway C signed Cert using SHA256

 

Enthusiast

Re: Invalid certificate: Unrecognized CA. This certificate is not currently trusted by the Expressway. This is because the CA certificate is not in the trust store.

Finally I wasa able to upload the CA and Server Certificate to C and it was accepted

but when i tried to do the same for E , Faced Same error

 

Highlighted

Re: Invalid certificate: Unrecognized CA. This certificate is not currently trusted by the Expressway. This is because the CA certificate is not in the trust store.

hi ,

i have same problem , how you reslove that !!

advice me plz

Re: Invalid certificate: Unrecognized CA. This certificate is not currently trusted by the Expressway. This is because the CA certificate is not in the trust store.

Recently I had the same problem, it was caused because the NTP had an incorrect date, so if the certificate validation date is in future, you always received the message. "Invalid Certificate: Unrecognized CA".

Beginner

Re: Invalid certificate: Unrecognized CA. This certificate is not currently trusted by the Expressway. This is because the CA certificate is not in the trust store.

Hi eslam,

May i know how you over come the error - ""nvalid certificate: Unrecognized CA. This certificate is not currently trusted by the Expressway. This is because the CA certificate is not in the trust store.

Thank you !

CreatePlease to create content
Content for Community-Ad
August's Community Spotlight Awards