I'm having an issue with an SSL certificate on one of my websites that seems to only occur at one client site. Another of our SSL certificates is working perfectly for them despite both being associated with the same trusted root (VeriSign Class 3 Secure Server CA).
The certificate that isn't working claims that it is not associated with a trusted root certificate, and shows only the certificate itself.
Even adding the certificate to the trusted root directly doesn't allow the certificate to validate.
The only difference that I can see between the two certificates is that the one that isn't working (the newer one) is using the provider:
ProvName='Microsoft RSA SChannel Cryptographic Provider' ProvType=PROV_RSA_SCHANNEL KeySpec=AT_KEYEXCHANGE
And the one that is working (older) is using:
ProvName='Microsoft Enhanced Cryptographic Provider v1.0' ProvType=PROV_RSA_FULL KeySpec=AT_KEYEXCHANGE
What are we doing wrong?