When trying to import the certificate response into the SSL server Standard PSE (or another PSE), an error might happen, informing that the “Verification of Certificate chain failed”.
It is possible that a wrong intermediate and/or root certificate is being used.
This post will show how to extract the intermediate and the root certificates using the Windows Crypto Shell Extension.
Double click the certificate response file (<filename>.cer):
Go to “Certification Path” (third tab):
Double click in the intermediate certificate (a new popup will be displayed):
Click in “Details” (second tab):
Click in “Copy to File…” to start a wizard. Select “Base-64 encoded X.509 (.CER)” to export the file.
Repeat the first step for the root certificate
Now it is possible to combine:
certificate response +
intermediate certificate +
and paste them into the dialog box:
displayed after clicking in the “Import Cert. Response” button (“Own Certificate” section of the PSE):