Validation of Certificate Chain Fails When Creating or Updating Certificate Authority or Certificate

An error in the validation of the certificate chain can occur when you create or update a certificate authority or certificate. A failure to validate the common name at any point in the certificate chain causes the error.

When you create or update a certificate authority or certificate, you might get one of the following errors:
  • Creation of the CA certificate failed. The certificate chain in the configuration details of the certificate is invalid.
  • CA certificate update failed. The certificate chain in the configuration details of the certificate is invalid.
  • Creation of the certificate failed. The certificate chain in the configuration details of the certificate is invalid.
  • The update of the certificate failed. The certificate chain in the configuration details of the certificate is invalid.

When you create or update a certificate authority or certificate, the Certificates service performs various checks to validate the certificate chain. If the resource was issued internally by a Certificates CA, certificate chain validation can fail because one or more issuer CAs in the chain share a common name. Having a repeated common name in the certificate chain causes the service to consider the certificate chain invalid.

Confirm that all CA certificates up to and including the root certificate have different common names. If needed, re-create the CAs in the certificate chain hierarchy so that each has its own common name.
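
One way to run this check on a PEM bundle of the CA certificates (issuing CA through root) before retrying the operation. This is an added example, not Oracle's code or the service's validation logic. The function names, the sample CA names and the exact, case-sensitive comparison are assumptions, and the sample input is built from constructed DER skeletons rather than signed certificates.

```python
import base64, re
from collections import Counter

CN_OID = bytes.fromhex("550403")  # DER content of OID 2.5.4.3 (commonName)

def children(value):
    """Split the content of a constructed DER element into (tag, value) pairs."""
    pos, out = 0, []
    while pos < len(value):
        tag, length, pos = value[pos], value[pos + 1], pos + 2
        if length & 0x80:  # long-form length: low 7 bits give the byte count
            n = length & 0x7F
            length, pos = int.from_bytes(value[pos:pos + n], "big"), pos + n
        out.append((tag, value[pos:pos + length]))
        pos += length
    return out

def subject_cn(der):
    """Return the subject commonName of one DER-encoded certificate, or None."""
    tbs = children(children(children(der)[0][1])[0][1])
    fields = [val for tag, val in tbs if tag != 0xA0]  # drop optional [0] version
    for _, rdn in children(fields[4]):  # serial, sigAlg, issuer, validity, subject
        for _, atv in children(rdn):
            (_, oid), (_, val) = children(atv)[:2]
            if oid == CN_OID:
                return val.decode("utf-8", "replace")  # assumes UTF8/PrintableString
    return None

def duplicate_cns(pem_chain):
    """Common names carried by more than one certificate in a PEM bundle."""
    bodies = re.findall(r"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", pem_chain, re.S)
    counts = Counter(subject_cn(base64.b64decode(b)) for b in bodies)
    return sorted(cn for cn, n in counts.items() if cn is not None and n > 1)

# Constructed sample input: DER skeletons holding only the fields walked above (not signed certificates).
def _tlv(tag, *parts):
    body = b"".join(parts)
    return bytes([tag, len(body)]) + body  # short-form length, body < 128 bytes
def _name(cn):
    return _tlv(0x30, _tlv(0x31, _tlv(0x30, _tlv(0x06, CN_OID), _tlv(0x0C, cn.encode()))))
def sample_ca(cn, issuer_cn):
    tbs = _tlv(0x30, _tlv(0xA0, _tlv(0x02, b"\x02")), _tlv(0x02, b"\x01"), _tlv(0x30),
               _name(issuer_cn), _tlv(0x30), _name(cn))
    b64 = base64.b64encode(_tlv(0x30, tbs, _tlv(0x30), _tlv(0x03, b"\x00"))).decode()
    return f"-----BEGIN CERTIFICATE-----\n{b64}\n-----END CERTIFICATE-----\n"

ROOT = sample_ca("Example Root CA", "Example Root CA")
BAD_CHAIN = sample_ca("Example CA", "Example CA") + sample_ca("Example CA", "Example Root CA") + ROOT
GOOD_CHAIN = sample_ca("Example Sub CA", "Example Int CA") + sample_ca("Example Int CA", "Example Root CA") + ROOT
```

Any name returned by `duplicate_cns` identifies CAs in the hierarchy that need to be re-created with distinct common names; an empty list means the bundle has no repeated common name.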