My objective is to have a RootCA and a SubCA in my network.
I have installed the EJBCA solution on two different servers and it works fine. I can issue certificates with them, etc.
Now, I would like one to be the SubCA of the other, but I can't seem to find the information on the internet.
Do you guys have any ideas on how to configure the SubCA with the RootCA?
If you need more information, you can ask me.
Thanks.
Last edit: Nathan Foret 2023-01-31
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Update for thoses who want the response i got from github :
So, you're going to have to take a small step back =) The SubCA needs to be signed by the Root CA before it issues anything, otherwise it's just a root-CA of its own.
Hello,
I'm looking for some help.
My objective is to have a RootCA and a SubCA in my network.
I have installed the EJBCA solution on two different servers and it works fine. I can issue certificates with them, etc.
Now, I would like one to be the SubCA of the other, but I can't seem to find the information on the internet.
Do you guys have any ideas on how to configure the SubCA with the RootCA?
If you need more information, you can ask me.
Thanks.
Last edit: Nathan Foret 2023-01-31
If you an post the question on GitHub that would be good. This is the active support channel. https://github.com/Keyfactor/ejbca-ce/discussions
Will do, thanks !
Update for thoses who want the response i got from github :
So, you're going to have to take a small step back =) The SubCA needs to be signed by the Root CA before it issues anything, otherwise it's just a root-CA of its own.
There's actually a tutorial covering this use case in our docs: https://doc.primekey.com/ejbca/solution-areas/issuing-tls-certificates#IssuingTLSCertificates-CreateRootCA