Certificate chain validation failed (in the Advanced Threat Defense security log)
Last Modified: 2022-03-23 17:58:46 Etc/GMT
Affected Products
Languages:
This article is available in the following languages:
Trellix CEO, Bryan Palma, explains the critical need for security that’s always learning.
As per Gartner, "XDR is an emerging technology that can offer improved threat prevention, detection and response."
Trellix announced the establishment of the Trellix Advanced Research Center to advance global threat intelligence.
Trellix Advanced Research Center analyzes threat data on ransomware, nation-states, sectors, vectors, LotL, MITRE ATT&CK techniques, and emails.
After December 1, 2024, please log in to the Thrive Portal for support, knowledge articles, tools, and downloads. For information about using the Thrive Portal, view the Trellix Thrive Portal User Guide.
Certificate chain validation failed (in the Advanced Threat Defense security log)
Technical Articles ID:
KB95378
Last Modified: 2022-03-23 17:58:46 Etc/GMT Environment
Advanced Threat Defense (ATD) 4.x
Problem
The ATD security log shows: Certificate chain validation failed
System Change
You uploaded a custom web certificate to ATD.
Cause
Certificate chain validation fails when one or more of the following conditions are met:
Solution 1
Upload the root CA certificate of your certificate chain to ATD. NOTE: You don’t need to upload the intermediate CA certificate to ATD. Solution 2
ATD validates your custom web certificate by recursively fetching the signer certificate from the URL in the Authority Information Access (AIA) Extension field in your custom web certificate. It performs this fetch until it reaches the root CA certificate. ATD then compares the root CA certificate of the AIA chain with the root CA certificate that you uploaded to ATD. Make sure you list your signer certificate URL in the AIA Extension field in your custom web certificate. Solution 3
Make sure that ATD has access to your signer and root CA certificates, via the URL as listed in the AIA field.
Affected ProductsLanguages:This article is available in the following languages: |
|