Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
9995
Views
25
Helpful
4
Replies

ISE import CA signed certificate - path validation failed

jheuke007
Level 1
Level 1

‎01-16-2020 11:27 PM - edited ‎07-05-2021 11:33 AM

Hi,

 

when importing/ binding CA signed certificate (multi-use) to ISE I receive the error "certificate path validation failed. Make sure required certificate chain is imported under trusted certificates".

As we don't have a cert chain  - I've only importet the Root CA cert. into the trusted certificates store.

 

Currently I'm on ISE 2.4.0.357

 

Am I missing something important here?

 

Thanks a lot!

1 person had this problem
Labels:
0 Helpful
4 Replies 4

pieterh
VIP
VIP

‎01-17-2020 12:50 AM

did you follow this document (or other ISE version)?

are you sure no intermediate CA is involved ?  if so you may need to import this also in the trusted store

dbogdan
Level 1
Level 1

‎02-09-2021 12:39 PM

Not sure anyone is reading this one anymore because it's old.  I had the same issue and found that the Root certificate for the CA was missing.  We use GlobalSign and it wasn't there. Once I imported their root cert, and their intermediate cert I was able to bind.  I hope that helps anyone looking for an answer here.  

eddcabal
Cisco Employee
Cisco Employee

‎12-05-2022 02:34 PM

Adding to this error, ran into same issue with internal MSFT PKI (Root + Sub). Had to import both CA certs which doesn't make sense but my guess is it because the ISE server doesn't know or trust either CA's during and after import

Scott Fella
Hall of Fame
Hall of Fame
In response to eddcabal

‎12-05-2022 10:02 PM

I have always imported the full chain even if there are multiple intermediate CA’s.
-Scott
*** Please rate helpful posts ***
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card
Top