Error: Certificate is not a valid CA certificate in SSL Visibility Appliance
book
Article ID: 168457
calendar_today
Updated On:
Products
SSL Visibility Appliance Software
Issue/Introduction
You are trying to upload a public and private keypair, or complete the upload of a CSR that was created by the SSL Visibility Appliance and signed by a CA for use as a Resigning Certificate Authority, and encounter this error.
Cause
The certificate was not created as an intermediate Certificate Authority.
Resolution
View the certificate so that you can review the details. If necessary, change the .pem extension to .cer, which Windows will recognize as a certificate, so you can open the file in Windows, and view or interact with the certificate.
View the Details tab, and ensure that there is a section called Basic Constraints, with a value of CA=True.