"Missing intermediate certificates or root anchor" While Scanning Vulnerablity of MDM IP
Article ID: CTX227466
Updated On:
Description
While customer uses 3rd-party security scanner to scan MDM IP, there is warning: "Missing intermediate certificates or root anchor" 
Resolution
For XenMobile Server, there is some preparation work to do, to get it all right. Basically, you’ll need to combine all the (.PEM) certificate files into one, upload that to XenMobile Server, and restart.
Steps are:
-----BEGIN CERTIFICATE-----
(server_certificate.pem content)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
(issuing_ca_certificate.pem content)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
(root_ca_certificate.pem content)
-----END CERTIFICATE-----
- Combine individual (.PEM) certificate files (server, issuing and root CA) into one .PEM file by following instructions on this DigiCert site (you can use Notepad to achieve this). Your final .PEM file should look like this:
- Upload the combined (.PEM) certificate file to XenMobile Server.
- Restart all the XenMobile Server nodes (one by one).
- Check if nodes picked up the certificate change (for example, by opening the XenMobile Server management interface with your browser – https://{node's_IP_address}:4443).
- Check if certificate chain is in order as well – https://www.digicert.com/help/.
Problem Cause
Intermediate certificates are missing on XenMobile Server SSL Listener certificate.Additional Information
https://blog.kaniski.eu/2017/02/netscaler-xenmobile-and-ssl-certificates/
Was this article helpful?
Yes
No
Powered by
