Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

"Invalid CA certificates detected" appears on IMSVA 9.0 web console

    • Updated:
    • 18 Jan 2016
    • Product/Version:
    • InterScan Messaging Security Virtual Appliance 9.0
    • Platform:
    • CentOS 6 64-bit
Summary

When you log on to InterScan Messaging Security Virtual Appliance (IMSVA) 9.0 web console, the following warning message appears:

Invalid CA certificates detected

Invalid CA certificate detected

The error message does not affect the user interface's functionality but you want to remove the said notification.

Details
Public

IMSVA 9.0 contains 113 commonly used CA certificates and automatically checks if there are any expired CA certificates. When a CA certificate got expired, IMSVA 9.0 will display the warning message mentioned above.

If the warning message shows while the Transport Layer Security (TLS) feature works fine, it means that the expired CA certificate does not affect the TLS communication and can be deleted. With the default TLS settings, IMSVA 9.0 does not use those expired CA certificates.

To fix the warning message, administrator can do any of the following options:

Option I. Delete the expired certificates

  1. Open the IMSVA web console.
  2. Go to Administration > Transport Layer Security.
  3. Select the Trusted CA Certificates tab.
  4. Click the Valid column to order the CA certificates and find the invalid ones.

    Invalid certificates

  5. Delete the expired certificates.

Option II. Update the expired certificates

  1. Open the IMSVA web console.
  2. Go to Administration > Transport Layer Security.
  3. Select the Trusted CA Certificates tab.
  4. Click the subject of the invalid CA certificate to see the issuer of the expired certificate.

    Certificate Information

  5. Search for the issuer on the internet to find and download the new version of the CA certificate.
  6. On the Trusted CA Certificate tab, click Import and choose the new CA certificate file. This will import the updated CA certificate.
  7. Once the CA certificates are updated and the TLS works fine, you may delete the invalid CA certificates.
For a more convenient way of updating new CA certificates directly, refer to KB 1113319.
Premium
Internal
Rating:
Category:
Troubleshoot
Solution Id:
1113233
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.


Need More Help?

Create a technical support case if you need further support.