Failed to obtain the CA certificate

The CA certificate cannot be obtained.

• The network connection is down, for example, because the network cable is damaged or the connectors have bad contact.

• No trusted CA is specified.

• The certificate request URL is incorrect or not specified.

• The system time of the device is not synchronized with the CA server.

• The CA server does not accept the source IP address specified in the PKI domain, or no source IP address is specified.

• The fingerprint of the root CA certificate is illegal.

1. Fix the network connection problems, if any.

2. Configure the trusted CA and all other required parameters in the PKI domain.

3. Use the ping command to verify that the CA server is reachable.

4. Synchronize the system time of the device with the CA server.

5. Specify the correct source IP address that the CA server can accept. For the correct settings, contact the CA administrator.

6. Verify the fingerprint of the CA certificate on the CA server.

7. If the problem persists, contact Hewlett Packard Enterprise Support.