UW Digital ID - Certificate Trust Issues

This document describes troubleshooting procedures that can correct certificate trust issues.

In rare cases your certificate may not be trusted upon first installation.   An untrusted certificate will have limited functionality and will most likely result in warnings when you attempt to sign or encrypt digital content.  

Attempts to install an untrusted certificate may result in warning messages similar to those shown below:

SecurityWarningCA.JPG


By clicking ok, you will be able to install your certificate.  However it will still appear untrusted in your certificate manager.

Macintosh Keychain:

mac-untrusted.png


Microsoft Certificate Manager:
winuntrustedpath.jpg

To correct this issue you must manually install the intermediate certificates that tie your personal certificate to a trusted root certification authority.  The following links allow you to download the intermediate certificates that are required to build a valid trust chain for an Entrust issued UW Digital ID:
Please note that the intermediate certificates are hosted on the University of Wisconsin's certificate vendor's site and they are both the trusted root and intermediate certificate owner.

Once you have downloaded the certificates above, double click the file to install and then verify that your certificate is now properly trusted.  

*Note: Thunderbird users experiencing certificate trust issues will need to import both intermediate certificates listed above manually.  This can be accomplished by navigating to "Tools > Account Settings > Security".  Then click on the "View Certificates" button and select the "Authorities" tab, finally click the button labeled "Import" and select the file you wish to import.


 





Keywords:pki uw digital id untrusted certificate signed by untrusted issuer   Doc ID:16095
Owner:Steven T.Group:Digital ID
Created:2010-12-06 19:00 CDTUpdated:2015-07-30 12:10 CDT
Sites:Access Management Services, Digital ID, DoIT Help Desk, DoIT Tech Store
Feedback:  0   0