Troubleshooting Errors When Using DSC (Digital Sign) while signing MCA Forms

P K Gupta P K Gupta Dec 5, 2019 16062 0



 

Troubleshooting Errors When Using DSC 

1. What to do when you got the below message displayed while using DSC  

“Your Certifying Authority (CA) is not trusted. Please use a trusted CA” 

To Trouble shoot the above problem, follow the below steps: 

Step 1

1. Open the Internet Explorer.

2. Select the Tools and click on  Internet Options tab

3. Click the Content tab.  

4. Under the Certificates section, click the Certificates button.  

5. The next window will displays a list of certificates that are installed on the computer. Select the correct certificate and click the View button to open the certificate.

6. Check Issued by and Valid from and to details. The DSC must be issued by a Certifying Authority (CA) and the dates must be as per DSC validation.

There are various  Certifying Authority (CA) which are  recognized by MCA for issuing DSC, some of which are as follows: 

         a. National Informatics Center (NIC)

         b. MTNL Trust Line

         c. Tata Consultancy Services (TCS)

         d. Safe Scrypt CA Services

         e. (n) Code Solutions CA

         f. Sify Communications Ltd.
 
7. If the current DSC is not issued by a trusted Certifying Authority (CA), then get a new DSC from CA.
 
Step 2
If the certificate is issued by a trusted Certifying Authority (CA), and then also you are getting an error for not using a trusted Certifying Authority (CA), follow the below given steps:
 
1. Click the Certification Path tab in the Certificates dialogue box.
2. Click on details tab in the Certificate path and Certificate status section. 

 
3. In case the trust chain is missing under the Certification Path section, check with CA for the trust chain. If there is a trust chain, follow steps given below: 
 Note: The subject key identifier of parent and the Authority Key Identifier of immediate child should be same in the certificate.
 
a. In the Certification path section, select the parent (CCA India 2011) and click on the View Certificate tab.
b. Click the details tab and click on Subject Key identifier as shown below. 


c. Select the immediate Child (TCS CA 2011) and click the View Certificate button.
d. Click the Details tab and select the Subject Key identifier.
 
If problem still persists, get in touch with your Certifying Authority (CA) as the DSC that you are using is having some problem with trust chain
 
Step 3
If the parent and child CAs match and still you face the same error of not using a trusted CA, check, whether the sub CA or parent CA has changed its root certificate or not. If the Root certificate has changed for the CA then that root certificate has to be installed in MCA server.
 
Note: If after following all the three steps as explained above, you still face a problem, raise a complaint at http://www.mca.gov.in/MCA21/ and click on the User Complaints & Grievances link. While raising a ticket, provide the .Certificate file and the screen shot of the error message that you are facing.
 
2. What to do when you got the below message displayed while using DSC  
User Id against this Digital Certificate already exists.”
 
To Troubleshoot the above problem, follow the below steps: 
1. Open the Internet Explorer.
2. In the Internet Explorer, select the Tools, click on Internet Options tab
3. Click the Content tab.
4. Under the Certificates section, click the Certificates button.
5. The Certificate dialogue box is displayed. Click the details tab and check the Serial number and Issuer details. 


6. Open the http://www.mca.gov.in/MCA21/ Web site and click the User Complaints & Grievances link. Raise a ticket and file a complaint providing the serial number, issuer of the certificate along with the screen shot of the error message.
 
3. What to do when you got the below message displayed while using DSC  
 “Your certificate has been revoked.”
 
To Troubleshoot the above problem, follow the below steps: 
1. Open the Internet Explorer.
2. In the Internet Explorer, select the Tools, click on Internet Options tab
3. Click the Content tab.
4. Under the Certificates section, click the Certificates button.
5. Under the Certificate Information section, check the Issued by and Valid from and to details. The DSC must be issued by a trusted CA and the dates must be as per DSC validation as shown in the screenshot below.
6. Click the details tab and check the details such as, Serial number and Issuer.
7. In the details tab, select CRL (Certificate Revocation List)  distribution points. 


8. Copy the URL of CRL and open that URL in separate window of Internet Explorer to open the file.
9. The file download dialogue box appears. Click the Open button. 


10. The Internet Explorer Security dialogue box is displayed. Click the Allow button. 


11. In the Web page displayed, check whether the certificate Serial Number is present or not.
12. Click on Revocation List tab and check whether the serial number present in the certificate exists. 


13. If the serial number exists in the revocation list then, the certificate that you are using has been revoked by Certifying Authority (CA). Contact Certifying Authority (CA) to maintain the serial number for your use. If the serial number is not listed in the revocation list, raise a ticket/complaint at MCA.  

14. To raise a ticket / complaint, open the http://www.mca.gov.in/MCA21/ and click User Complaints & Grievances. When raising a ticket, provide the .Certificate file and the screen shot of the error message that you are facing.

 






 

Tags: