You are trying to upload a public and private keypair, or complete the upload of a CSR that was created by the SSL Visibility Appliance and signed by a CA for use as a Resigning Certificate Authority, and encounter this error.
The certificate was not created as an intermediate Certificate Authority.
View the certificate so that you can review the details. If necessary, change the .pem extension to .cer, which Windows will recognize as a certificate, so you can open the file in Windows, and view or interact with the certificate.
View the Details tab, and ensure that there is a section called Basic Constraints, with a value of CA=True.
SSL Visibility Appliance Admin guide:
"Certificate resign mechanism relies on the SSL Visibility Appliance having a trusted CA certificate that can be used to sign SSL server certificates that have been intercepted and modified."
Imported Document ID: 000023940
Subscribing will provide email updates when this Article is updated. Login is required.
Thanks for your feedback. Let us know if you have additional comments below. (requires login)
Subscribed to the Article.
Unable to subscribe
Thanks for your additional feedback !!!
Enterprise Support Virtual Agent
Rate Me :
Tell us more:
Welcome! My name is Sami, the Enterprise Support Virtual Agent answering technical support questions.