Why can't I verify my certificate in PAM even if I know it is correct ?

Document ID : KB000125477
Last Modified Date : 29/01/2019
Show Technical Document Details
Question:
I followed the documented procedure for requesting a certificate. I have verified by means of the corresponding openssl commands that the certificate I received from the Certification Authority does correspond to the key generated in PAM and to the csr I submitted.

However, even if I load the certificate to PAM and I run the verification steps, I keep getting an error that the certificate is not verified. What may be the problem ?
Environment:
CA PAM all versions
Answer:
A common trivial reason for this problem may be certificate name mismatch. That is, if my key name is abc.key, the certificate generated by the Certification Authority must be renamed to abc.cer (or csr) before being imported to PAM. If you don't know what the key name was, you can go to Configuration/Security/Download, check there the keynames listed and identify yours.