You are trying to upload a public and private keypair, or complete the upload of a CSR that was created by the SSL Visibility Appliance and signed by a CA for use as a Resigning Certificate Authority, and encounter this error.

The certificate was not created as an intermediate Certificate Authority.

 

View the certificate so that you can review the details. If necessary, change the .pem extension to .cer, which Windows will recognize as a certificate, so you can open the file in Windows, and view or interact with the certificate.

View the Details tab, and ensure that there is a section called Basic Constraints, with a value of CA=True.