Importing client certificate into Google Chrome receives error message indicating that the certificate is not a root certificate.

book

Article ID: 142328

calendar_today

Updated On:

Products

CA Top Secret CA Top Secret - LDAP

Issue/Introduction

Client certificate without private key gets imported into Google Chrome but receives an error message from Chrome indicating that its not a root certificates. The certificates seems to work when connecting to the mainframe, it there a problem or is everything ok?

Environment

Release : 16.0
Component : CA Top Secret for z/OS

Resolution

The need for a private key is not dictated by CA Top Secret, but by the application.

If the application is connects with not having the private key, then there is no problem.

The private is usually present for a client/personal certificate.

The Google Chrome browser authors also know that ‘usually’ the private key is present for client certificates and puts out warning message warning just in case, users do not realize that the personal/client certificate that is being imported doesn’t have a private key. Root certificate are the ones that ‘usually’ don’t have the private key and not the personal/client certificates.

Since a connections was establish successfully with the client certificate, there is not problem and the Google Chrome warning can be ignored.