Showing results for 
Search instead for 
Did you mean: 

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

Filip Po

ACS 5.5 and Certificate Validation Error: Certificate binding failed. No matching signing request found.

Dear Community,

I generate Sign Request, than sign it on CA.

Then try to upload it back but error arrise: Certificate Validation Error: 'Certificate binding failed. No matching signing request found.'

I used ACS Patch 7.

Did anyone went through this error?

I tried use another CA, but the result is the same.

I already checked validity of CA cert.

Thank you.

Kind regards, 


Kanwaljeet Singh
Cisco Employee

Hi Filip,

When you say you have checked the validity of cert, how did you check it?

You can check here if CSR and certificate are a match:

If yes, what is the format of the certificate that you are  trying to upload? Supported formats are cer, der and pem.



Note: Please mark answers if they are helpful.

I checked certificate of CA if is still valid on ACS.

Thank you for link, for test purpose looks well.

I use .cer format.

Hi Filip,

You are welcome!

So when you check certificate (identity) as well as the CSR in the link provided, does it match fine?



Note: Please mark answers if they are helpful.

Here is positive results.

Hi Filip,

So you go to "outstanding signing requests" and you see the same CSR, and then when you go here "System Administration >     Configuration >     Local Server Certificates >     Local Certificates  >     Create" ,  you select " Bind CA certificate", browse and you get the error, corrrect?

Is it possible to share the certificate?



Note: Please mark answers if they are helpful.

Yes correct I used Bind CA certificate.

I opened TAC case recently. By me it is than internal issue of ACS.

Filip Po

Here is the soluton: There should be only one CSR in the list! Then it worked and ACS bind CA ussued certificate to CSR.

There is no information in documentation or release notes that I have to have only one CSR in the list under System Administration > Configuration > Local Server Certificates > Outstanding Signing Requests at the time when I try to bind CA signed certificate.

  1. Delete the all old CSR.
  2. Please try generating another CSR. Ensure you see the CSR in Outstanding Signing Requests. Generate the certificate for this and try binding the new certificate again.
Recognize Your Peers
Content for Community-Ad

ISE Webinars

Did you miss a previous ISE webinar?

CiscoISE YouTube Channel