Hi.
It is my understanding that it is best to install the full certificate chain into ClearPass. i.e. the server certificate, intermediate and root CA, in one chain.
When I try to upload the whole chain, I get an error saying the following. I'm using ZeroSSL.com
Certificate CA "CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US" with appropriate Subject Key Identifier must be added and enabled in Certificate Trust List
So I then manually install the root CA into the Trust List and add the services that I want to use it for. ClearPass will then allow me to install the whole certificate chain. Is this common?
Thanks.