I have a small ZCM 10.3.2 zone (one server)
During the install (about a year ago) I used the eDirectory CA to sign the CSR.
Everything was working fine.

Our CA was going to expire at the end of the year so I reacreated the CA.
Now I want to use the new CA for ZCM again.

I followed the steps from the documentation here:
Novell Documentation

Everything seemed OK. New certificate is being used when I open ZCC.
When I try to get my adaptive agent to reregister itslef I run into issues.
I get error "sslpolicyerrors.remotecertificatechainerrors" in the agent debug log and the message "Could not estabish trust relationship for the SSL/TLS secure channel" error if I do a zac reg.
I found TID 7002409 on the issue, but doen not help in my case.

So I went back and recreated the certificates using the internal CA, no issues after that. Everything seems to work fine then.

But I do want to use my own signed certificate if possible.

Any ideas?