How to configure KCA to use a server certificate signed by a trusted CA
Originally Published: 2003-04-10
Article Number
Applies To
Microsoft Windows NT 4.0 SP6a
Microsoft Internet Explorer
Issue
When users go to the Keon CA 5.7 Enrollment page, a pop-up window shows a Security Alert that claims there is a problem with the site's security certificate. When the user views the SSL server certificate, the full certificate path is not shown, and the Certificate Status shows the message "This certificate cannot be verified up to a trusted certification authority."
Cause
Resolution
Workaround
Updated the KCA's httpd.conf (in the WebServer\conf directory) and changed the parameter 'SSLServerCertificateFile' for the Enrollment Server's virtual host to point to a server certificate re-signed by a CA chained up to a public root CA. Or, updated the file WebServer\ssl\certs\enrollServer.cert to contain the new re-signed server certificate.
Related Articles
Root CA certificate is required for activation error when importing a custom certificate signed by a known CA into Operati… Number of Views How to 'Trust' the RSA Authentication Manager Security Console Self-Signed Root CA certificate and prevent Cert warnings. Number of Views Authentication Manager How to Retrieve the LDAPS Certificate and Configure an External Identity Source to Use LDAPS Number of Views How to create and configure certificates for HTTPS access when using intermediate CA certs in RSA Identity Governance & Li… Number of Views A website security scanning tool reports that the RSA SecurID Access Portal's server certificate cannot be trusted, even t… Number of Views
Trending Articles
How to Download OTP Token Seed Files from myRSA RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA Authentication Manager 8.7 SP2 Setup and Configuration Guide RSA Authentication Manager 8.9 Release Notes (January 2026) RSA Release Notes for RSA Authentication Manager 8.8
Don't see what you're looking for?
