Imported CA not showing Root chain in KCA Admin Console
Originally Published: 2002-01-03
Article Number
Applies To
Issue
Took a CA certificate from one KCA installation (KCA1) over to the other KCA installation (KCA2) and signed it by the KCA2's Root CA. The new re-signed CA certificate got the entire chain. Then imported the re-signed CA certificate back into KCA1. Trusted KCA2's Root CA on KCA1. However even KCA2's Root CA is trusted on KCA1, when viewing this CA under "CA Operations" workbench through the Admin Server, the Certificate Chain still shows "Unknown".
Cause
Resolution
Related solution: Creating a CA hierarchy across multiple Sentry CA/Keon CA installations.
Related Articles
A large number of user sessions showing on the UI in SecurID Governance & Lifecycle Number of Views 'com.aveksa.server.db.PersistenceException:n/a' errors when importing business source metadata into RSA Identity Governanc… Number of Views Assign a replacement RSA SecurID token to a user in RSA Authentication Manager Number of Views An individual user's Monitoring page is not loading in the RSA Identity Governance & Lifecycle user interface Number of Views Role Stuck in 'Applied' or 'Applied New' State with 'Additional Changes Cannot Be Made' error in RSA Governance & Lifecycle Number of Views
Trending Articles
Downloading RSA Authentication Manager license files or RSA Software token seed records RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory Mandatory Certificate Upgrade Required by 6th October 2025 for RSA MFA Agent for PAM, RSA MFA Agent for Apache, and Third … RSA Authentication Manager 8.9 Release Notes (January 2026)
Don't see what you're looking for?
