How to configure KCA to use a server certificate signed by a trusted CA
Originally Published: 2003-04-10
Article Number
Applies To
Microsoft Windows NT 4.0 SP6a
Microsoft Internet Explorer
Issue
When users go to the Keon CA 5.7 Enrollment page, a pop-up window shows a Security Alert that claims there is a problem with the site's security certificate. When the user views the SSL server certificate, the full certificate path is not shown, and the Certificate Status shows the message "This certificate cannot be verified up to a trusted certification authority."
Cause
Resolution
Workaround
Updated the KCA's httpd.conf (in the WebServer\conf directory) and changed the parameter 'SSLServerCertificateFile' for the Enrollment Server's virtual host to point to a server certificate re-signed by a CA chained up to a public root CA. Or, updated the file WebServer\ssl\certs\enrollServer.cert to contain the new re-signed server certificate.
Related Articles
Root CA certificate is required for activation error when importing a custom certificate signed by a known CA into Operati… Number of Views How to 'Trust' the RSA Authentication Manager Security Console Self-Signed Root CA certificate and prevent Cert warnings. Number of Views How to create and configure certificates for HTTPS access when using intermediate CA certs in RSA Identity Governance & Li… Number of Views A website security scanning tool reports that the RSA SecurID Access Portal's server certificate cannot be trusted, even t… Number of Views How to replace the RSA Authentication Manager 8.1 SP1 self-signed console certificate with a certificate that uses SHA-256 Number of Views
Trending Articles
Passwordless Authentication in Windows MFA Agent for Active Directory – Quick Setup Guide RSA Authentication Manager 8.9 Release Notes (January 2026) RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA Authentication Manager Upgrade Process RSA Authentication Manager 8.7 SP2 Setup and Configuration Guide
Don't see what you're looking for?
