I'm trying to install a webauth certificate -- it works fine when unchained, however once I add the additional information the installation fails. I am using the same root and intermediate certificate information as last year, and it worked fine then. I can recreate last year's pem file with the chained information and it installs fine, so it's only when I include the new device certificate information that it fails. The certificate installs fine when it's not chained, I'm not receiving any openssl errors, and I'm not using openssl 1.0.
Here's what I have done per Cisco documented instructions:
If its a new certificate, you might want to verify if the they used a different root ca to sign the certificate. Open the certificate in your PC and view the root certificate. You can extract both the intermediate and the root and use that along with your new device certificate.