Validation of Certificate Chain Fails
The error, "The certificate chain in the configuration details of the certificate is invalid," can occur when you import a certificate. A failure at any point during the validation of the certificate chain causes the error.
When you import a certificate, the Certificates service performs various checks to validate the certificate chain. Any failures during the validation process cause the service to consider the certificate chain invalid.
Confirm that the certificate chain includes all certificate authority (CA) certificates up to and including the root certificate. Also, confirm that all certificates in the chain meet the following requirements:
- The certificate's common name is non-null.
- In the basic constraints extension, the
isCA
bit is set to true. - In the basic constraints extension, if the path length is specified, the number of intermediate certificates in the certificate chain hierarchy does not exceed it.
- If the key usage extension is present, it includes
KEY_CERT_SIGN
.