Error: Keyring does not have a certificate authority's certificate: 'keyring-name'

book

Article ID: 166837

calendar_today

Updated On:

Products

ProxySG Software - SGOS

Issue/Introduction

The error occurs when the custom SSL certificate used for SSL interception does not have a valid CA attribute. Such certificates where valid prior to SGOS 6.5.x because certificate validation was not as strict. Changes made in SGOS 6.5.x has have strengthened the certificate validation process.

Resolution

To verify that the certificate has the necessary attributes:

  1. Download the SSL certificate to the local workstation (https://x.x.x.x:8082/SSL/Download_ca).
  2. Double-click the certificate to open it and select the Details tab.
  3. Scroll to the Basic Constraints field. 
  4. Determine if the certificate is signed correctly.