Intermediate CA certificate not presented to browsers

Article:TECH157432  |  Created: 2011-04-05  |  Updated: 2011-11-23  |  Article URL http://www.symantec.com/docs/TECH157432
Article Type
Technical Solution


Environment

Issue



The intermediate CA certificate (and the root certificate sometimes) is not presented to browsers. Only the assigned SSL network certificate is shown, so the browser does not accept the certificate as trusted, although the certificate should be trusted automatically.


Cause



When the SSL certificate is assigned to the Universal Server Network Interface, the Universal Server automatically searches the Trusted Keys for the Intermediade CA and Root CA certificates. If these are found, the PGP Universal Server then combines these certificates and serves these as soon as a browser requests the SSL certificate.

If the Root CA or Intermediate CAare not in the Trusted Keys when saving the certificate to the Network Interface, only the end certificate is assigned to the interface. Also importing the CA certificates later does not change this.


Solution



Make sure, all intermediate and root CA certificates are imported to Trusted Keys. Afterwards go to System > Network and select the correct interface. Now assign None certificate to this interface and click Save. After this, return to the same page and re-assign the correct network certificate again and click Save. Now the whole certificate chain should be presented to the end users internet browser.




Article URL http://www.symantec.com/docs/TECH157432


Terms of use for this information are found in Legal Notices