Replacing Root Certificate Issue

Document ID : KB000098932
Last Modified Date : 04/06/2018
Show Technical Document Details
Issue:
Within the Policy Manager, you have the ability to create a root private key with capabilities to sign other private keys. If you replace this root certificate with another that has the exact same name, you may see an issue when it comes to replacing the chain of existing private keys. When viewing the chain of the newly-signed private key, you may see that it has been signed by the old root certificate rather than the new one.
Resolution:
The issue can be solved by replacing the certificate chain for each existing private key in the Gateway (that have the root in it's chain) and after that you will be able to see the correct root in the chain.