[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 4996
  • Last Modified:

Can't issue SSL certificate to web server - "A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider"

I'm running a W2k domain with a W2k3 Certificate Authority (Enterprise, Root).  I can request a cert for SSL on the CA, but if I try to do this from another computer (XP), then I get the error on the CA: ""A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider"

After checking the event log, I also find: "Certificate Services could not process request 10 due to an error: The request's current status does not allow this operation. "

And:

"Certificate Services could not publish a Base CRL for key 0 to the following location: ldap:///CN=Medapp Root CA,CN=serv03,CN=CDP,CN=Public Key Services,CN=Services,CN=Configuration,DC=ecfs,DC=net.  The specified server cannot perform the requested operation. "

Thank you
0
fuze44
Asked:
fuze44
  • 2
1 Solution
 
tatwCommented:
First of all, have u add the root cert to your XP computer?
0
 
fuze44Author Commented:
Yes, via the Certsrv web page.  The XP system stated that it installed successfully, but the server's Application log instantly logged 5 entries of:

Could not build a certificate chain for CA certificate 0 for Medapp Root CA.  A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider. 0x800b0109 (-2146762487).
0
 
fuze44Author Commented:
tatw, I figured it out.  Thanks anyway.

Root CA cert must be placed into Trusted Root Certification Authorities.

1. CA MMC: Root CA Properties: General: View Certificate: Details: Copy to File
2. Group Policy for Default Domain Policy MMC: Comp config: Windows Settings: Security Settings: Public Key Policies: Trusted Root Certification Authorities: Import (r-click)
3. CMD: GPUPDATE
0
 
NetminderCommented:
Closed, 500 points refunded.
Netminder
Site Admin
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now