ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Adding A Certificate Sets It To NOTRUST In Top Secret


Article ID: 15182


Updated On:


Top Secret Top Secret - LDAP


When adding a certificate to Top Secret, it is set to NOTRUST and a message is issued saying signer not found even though the signing certificate appears to be in Top Secret. Why is this happening?




If a certificate is being added to the security file or signed by another certificate and the signing certificate is not already on the security file, it will be added to the security file with NOTRUST.

If the signer certificate is on the security file, the certificate will be added with the TRUST status. 

The message is NOT an error message. It's is just an informational message to inform the user that the signing certificate is missing from the security file and it needs to be added.

Changing it to TRUST is the appropriate action:


When listing the certificate (TSS LIST(acid) DIGICERT(certname), if the subject distinguished name and issuer distinguished name don't match, then it is a signed certificate. Look for a 'SIGNED BY'. If it is missing, the signing certificate is not on the security file.