Hi Mikael,
might it be that the IS is not able to detect which one of the two certificates (sign or crypt) should be used for the Keystore?
Best Practise in my opinion is, to collect all Root and Intermediate CAs in a separate truststore jks-file and one end certificate with its private key in a dedicated P12-Keystore-File each.
After loading all these stores under Keystore section you can the map the certificates under the Certificates section to the designated purposes.
See IS Administrators Guide for further informations.
Regards,
Holger
#webMethods#Integration-Server-and-ESB