Error: Certificate is not a valid CA certificate in SSL Visibility Appliance

book

Article ID: 168457

calendar_today

Updated On:

Products

SSL Visibility Appliance Software

Issue/Introduction

You are trying to upload a public and private keypair, or complete the upload of a CSR that was created by the SSL Visibility Appliance and signed by a CA for use as a Resigning Certificate Authority, and encounter this error.

Cause

The certificate was not created as an intermediate Certificate Authority.

 

Resolution

View the certificate so that you can review the details. If necessary, change the .pem extension to .cer, which Windows will recognize as a certificate, so you can open the file in Windows, and view or interact with the certificate.

View the Details tab, and ensure that there is a section called Basic Constraints, with a value of CA=True.