Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
6235
Views
0
Helpful
10
Replies

Error on uploading a Custom Certificate on a CISCO ESA appliance

Cosmin_George.Iute.external
Level 1
Level 1

‎03-14-2022 07:48 AM - edited ‎03-15-2022 07:45 AM

Hello,

did anyone experienced problems when trying to upload a new Custom Certificate on a CISCO ESA appliance ?

Error when uploading new custom certificate: "Validation Error : Certificate has problem with basic constraints extension & CA flag."

 

AsyncOS 14.0.2 for Cisco C390 build 020

8 people had this problem
Labels:
certificate_error.jpg
Preview file
23 KB
0 Helpful
10 Replies 10

balaji.bandi
Hall of Fame
Hall of Fame

‎03-14-2022 08:09 AM

check this thread may help you :

 

https://community.cisco.com/t5/web-security/wsa-issue-error-certificate-signature-verification-failed/td-p/3874120

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Cosmin_George.Iute.external
Level 1
Level 1

‎03-15-2022 07:46 AM

Hi Balaji,

Thank you for your post, but error is different.

certificate_error.jpg
Preview file
23 KB
0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to Cosmin_George.Iute.external

‎03-15-2022 10:15 AM

Do you have loca CA root cert added ?

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Cosmin_George.Iute.external
Level 1
Level 1
In response to balaji.bandi

‎03-18-2022 03:49 AM

there is no issue when uploading root or intermediate certificate in the Custom CA section.

Only problem when trying to upload an host or domain certificate.

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to Cosmin_George.Iute.external

‎03-18-2022 03:52 AM

if you have CA already you should be able to SAN Cert

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Cosmin_George.Iute.external
Level 1
Level 1
In response to balaji.bandi

‎03-18-2022 03:59 AM

when I had AsyncOS 13, everything was fine, there was no issue with updating any custom CA certificate

0 Helpful

Ken Stieers
VIP
VIP
In response to Cosmin_George.Iute.external

‎03-18-2022 03:00 PM

Right, you can't load a host cert there.
That is for root/intermediate CA certs only.

What issue are you trying to solve?

0 Helpful

Ken Stieers
VIP
VIP

‎03-15-2022 08:23 AM

Which cert are you trying to install? That looks like you’re in Network/Certificates and in the Custom CA upload?  That gui is expecting CA or intermediate CA certificates.

So if you’re uploading the cert for the box, either for use on the web gui, or for mail transfer, you upload it in to the appliance certificates section, then assign it where you need it.

0 Helpful

Cosmin_George.Iute.external
Level 1
Level 1
In response to Ken Stieers

‎03-16-2022 03:50 AM

I'm trying to upload an custom CA certificate to the Network/Certificates and in the Custom CA section.

 

0 Helpful

rizzoca
Level 1
Level 1
In response to Cosmin_George.Iute.external

‎05-10-2022 08:02 AM

Did you find a resolution for this? I am updating the ESA cluster with our renewed wildcard cert and getting the same error?

0 Helpful
Customers Also Viewed These Support Documents
Top