#113 multi-tiered Windows based CA issue
Opened a year ago by jockesssd. Modified a year ago

According to: https://blogs.technet.microsoft.com/jeffbutte/2018/04/05/linux-certificate-enrollment-and-automated-renewal-using-ndes-v2/

There are two problems:
1) Certmonger does not appear to have a provision for downloading a CA chain.
2) Certmonger has issues with multi-tiered Windows based CA hierarchies.

Is this still true?

certmonger can download the chain but yes, it doesn't automatically add it to the system-wide trust list.

It works fine with subordinate CA's. A user who contributed to the SCEP support last year had such a setup and it worked fine.

See https://pagure.io/certmonger/issue/93

Login to comment on this ticket.