I'm trying to setup a RA VPN using 3rd party RSA sigs on an ASA 5540 v8.0(4) thru ASDM v6.2(1). The problem appears to be my inability to get the device to recognize/validate the 2 root CA certificates. I have an identity certificate that uses one root CA chain. I'm trying crl checks via ocsp and the responder cert is in a different root CA chain. How do I setup trusts with multiple CA chains? My identity cert and it's chain get validated but since the reponder cert is in a different CA chain I can't get it validated and my connection fails. I have trustpoints configured for both chains.