Hi @Mohsen Akhavan ,
Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.
From your verbatim, I understand you are trying to configure mutual authentication for your application.
From initial analysis, it appears that this is not a CA certificate
The below command should help you create a CA certificate
Root:
$cert = New-SelfSignedCertificate -Type Custom -KeySpec Signature -Subject "CN=MutualAuthRoot" -KeyExportPolicy Exportable -HashAlgorithm sha256 -KeyLength 2048 -TextExtension @("2.5.29.19={text}CA=true") -CertStoreLocation "Cert:\CurrentUser\My" -KeyUsageProperty Sign -KeyUsage CertSign
Client:
New-SelfSignedCertificate -Type Custom -DnsName MutualAuthLeaf -KeySpec Signature -Subject "CN=MutualAuthLeaf" -KeyExportPolicy Exportable -HashAlgorithm sha256 -KeyLength 2048 -CertStoreLocation "Cert:\CurrentUser\My" -Signer $cert -TextExtension @("2.5.29.37={text}1.3.6.1.5.5.7.3.2")
You informed that you are now able to resolve your issue.
Cheers,
Kapil
----------------------------------------------------------------------------------------------------------------
Please accept an answer if correct. Original posters help the community find answers faster by identifying the correct answer. Here is how.