Everything was working correctly, but when I install a trusted certificate on the Encryption server all my keys become invalid. If I switch back to the non-trusted key it works fine. Anyway to get this working without adding the non-trusted key to my root certificate authority?