CA Certificate shows Unknown Error for a subordinate CA in Enterprise PKI (PKIView.msc)

Applies to all Windows operating system versions capable of running Enterprise PKI (PKIView)

In a multitier PKI hierarchy, such as a two-tier or three tier PKI, the Enterprise PKI application will display "Unknown Error" for the CA certificate of a subordinate certification authority (CA) if the root CA or any parent CAs certificate has been revoked.

In this situation, you must check the certificates in the CA hierarchy. To resolve the issue, the CA certificates in the hierarchy that are expired must be renewed as well as all subordinate CA certificates.