Hello dtn,
You have to change your device certificate. Your new certificate have to be signed by your Internal CA. Please follow this steps:
- Go to Certificate Management : Device Certificate Management : Device Certificate.
- Then click in Renew
- In issuer select "Certificate Autority"
- Then click on Finished
You will obtain an CSR that you will provide to your Internal CA Admin, Once signed, just import it to the same place.
After what your cert it will be signed by your internal CA and you will no longer have a certificate error or blocking by your policy.
For information, under Device Management ›› Device Trust : Local Domain CA certificate is used for the HA part. it is not there that you manage the ssl certificate of the device.
Keep me in touch if it's ok for you or if you need additional assisance.
Regards