Hi, I’ve been struggling with creating certificates for my installation of Vault.
How can I create those three certificates with an internal Microsoft ADCS? (Active Directory Certificate Server)
So far I’ve done the following:
openssl genrsa -out ca.key 2048
openssl req -new -key ca.key -out vault.csr
Created the certificate by presenting the CSR to the Web Enrollment from ADCS.
Downloaded the Chain.p7b from the ADCS.
openssl pkcs7 -print_certs -in chain.p7b -out vault.cer
So now I have two files:
“ca.key” and the converted “vault.cer” In the “vault.cer” it has the completed chain of trust.
Client certificate --> SubCA --> RootCA.
Can anyone give me any suggestions?