Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
863
Views
0
Helpful
7
Replies

Unable to Upload Expressway C and E certificate

Go to solution
ciscoMFNAO
Level 1
Level 1

‎02-14-2024 02:10 AM

Hello, 

We are facing some issues to renew expired certificates in our Exp-C and Exp-E.

We sucessfully renewed the certificates several times in the past without any issues. Our security team recentely changed the Certificate Issuer role to another host and now the Root CA and Certificate Issuer are diferrent hosts. After this change we are getting the error when we try to upload the new Exp Certificate even after adding the new Root CA Certificate

"Unrecognized CA. This certificate is not currently trusted by the Expressway. This is because the CA certificate is not in the trust store."

We already tried to deleted the old CA certificate and reboot with no success. Windows workstations and servers are accepting certificates after this Certificate Issuer change. 

Can you help? Is that a normal a expected Expresway behaviour because the issuer and CA are diferent hosts? Is there any workaround to solve it? Please check the error, Exp and CA certificates and page print attached. 

Kind Regards,  

Preview file
197 KB
Preview file
32 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Roger Kallberg
VIP
VIP

‎02-14-2024 02:32 AM

This is likely the issue your facing.

image.png

This is taken from the document that I shared earlier.



Response Signature


View solution in original post

0 Helpful
7 Replies 7

Go to solution
b.winter
VIP
VIP

‎02-14-2024 02:22 AM

Have you uploaded this Root-CA cert too?

bwinter_0-1707906121939.png

 

0 Helpful

Go to solution
ciscoMFNAO
Level 1
Level 1
In response to b.winter

‎02-14-2024 02:39 AM

Hi Winter,

Thanks for your replay. I will request this certificate and try again.

Regards,

0 Helpful

Go to solution
Roger Kallberg
VIP
VIP

‎02-14-2024 02:22 AM

Do you have both the root and intermediate certificates of the CA uploaded to the trust store on the Expressways?



Response Signature


0 Helpful

Go to solution
ciscoMFNAO
Level 1
Level 1
In response to Roger Kallberg

‎02-14-2024 02:40 AM

Hi Roger,

Thanks for your replay. I will request this certificate and try again the upload.

Regards,

0 Helpful

Go to solution
Roger Kallberg
VIP
VIP

‎02-14-2024 02:24 AM

Have a look at this document for common issues with certificates in Expressways and how to troubleshoot them. Troubleshoot Expressway Certificates 



Response Signature


0 Helpful

Go to solution
Roger Kallberg
VIP
VIP

‎02-14-2024 02:32 AM

This is likely the issue your facing.

image.png

This is taken from the document that I shared earlier.



Response Signature


0 Helpful

Go to solution
ciscoMFNAO
Level 1
Level 1
In response to Roger Kallberg

‎02-14-2024 03:10 AM

Hi Roger, 

It worked just fine and the certificate were sucessfuly uploaded. 

Thanks so much for your support.

Kind Regards,

0 Helpful
Customers Also Viewed These Support Documents