Certificate exception still showing up with Let's Encrypt certificate

Hi All,

I’m not using the template as my issue is not related to certificate issuance.

I got Let’s encrypt cert for my Cisco Expressway and I’m able to login with jabber endpoints fine. The only issue is that the Jabber client displays certificate exception on first login.

I see Let’s encrypt’s root certificate - DST Root CA X3 - is already in the windows trust store by default. But my certificate is signed by Intermediate - Let’s encrypt Authority X3.
image
I believe that’s why I’m getting the exception. Shouldn’t the Let’s encrypt CA root certificate be already present in windows trust store by default?

I’m not sure if this is the right space for this question or should I look somewhere else.

1 Like

I felt like this should be the case, since a trust chain should be built automatically if the certificate is chained up to a trusted root certificate.

However, just to make sure, can you see if you can use fullchain.pem (the file contains both leaf certificate and intermediate certificate) instead of the individual cert?

If there’s no change, I would suggest you to try contact Cisco support for help on specific software. (Maybe other members with similar experience can help, but that’s all I know)

Thank you

1 Like