I'm facing problems with local certificates.
For connection between local server and web browser I need encrypted HTTPS. For many reasons we want to have own CA. I have made following steps:
- Created own ROOT CA
- Created CSR for server (not necessary for replication of problem)
- From ROOT CA + server CSR created certificate (CRT) for server (not necessary for replication of problem)
- Installed CRT + private key on server (not necessary for replication of problem)
- On my PC (Win10) opened mmc.exe then used module certificates and added ROOT CA in trusted root certification authorities (not sure if it is correct in English, I run localized version of Windows)
Directly in MMC when I open the certificate (double click) I got on first tab message "A system-level error occurred while verifying trust". To make it clear this is issue of the ROOT CA and not even related to the signed server CRT. Because the windows computer shows the issue immediately after ROOT CA adding via MMC without even connecting to server.
When I upload the CRT + ROOT CA to online checker, for example: https://tools.keycdn.com/ssl it says "No chain issues detected."
My idea was that as soon as ROOT CA is installed in trusted root certification authorities is checked only for validity period (from-to).
What I'm doing wrong?