RootCA and SubCA Conf #232

Nathanforet · 2023-01-31T11:27:27Z

Nathanforet
Jan 31, 2023

Hello,

I'm looking for some help.

My objective is to have a RootCA and a SubCA in my network.
I have installed the EJBCA solution on two different servers and it works fine. I can issue certificates with them, etc.

Now, I would like one to be the SubCA of the other, but I can't seem to find the information on the internet.
Do you guys have any ideas on how to configure the SubCA with the RootCA?

If you need more information, you can ask me.

Thanks.

Answered by mike-agrenius-kushner

Jan 31, 2023

Hi,

So, you're going to have to take a small step back =) The SubCA needs to be signed by the Root CA before it issues anything, otherwise it's just a root-CA of its own.

There's actually a tutorial covering this use case in our docs: https://doc.primekey.com/ejbca/solution-areas/issuing-tls-certificates#IssuingTLSCertificates-CreateRootCA

Cheers,
Mike

View full answer

mike-agrenius-kushner · 2023-01-31T11:43:23Z

mike-agrenius-kushner
Jan 31, 2023
Maintainer

Hi,

So, you're going to have to take a small step back =) The SubCA needs to be signed by the Root CA before it issues anything, otherwise it's just a root-CA of its own.

There's actually a tutorial covering this use case in our docs: https://doc.primekey.com/ejbca/solution-areas/issuing-tls-certificates#IssuingTLSCertificates-CreateRootCA

Cheers,
Mike

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

RootCA and SubCA Conf #232

Uh oh!

{{title}}

Uh oh!

Replies: 1 comment

Uh oh!

{{title}}

Uh oh!

Select a reply

Uh oh!

RootCA and SubCA Conf #232

Uh oh!

Nathanforet Jan 31, 2023

Replies: 1 comment

Uh oh!

mike-agrenius-kushner Jan 31, 2023 Maintainer

Nathanforet
Jan 31, 2023

mike-agrenius-kushner
Jan 31, 2023
Maintainer