I want to keep RootCA outside of the Vault and have dev/qa/stage/prod env of Vault setup where individual intermediate CA certificate will be used to issue client certificates.
Followed PKI Secrets Engine where it explain about Setting Up Intermediate CA but it explain based on RootCA certificate is also present in Vault.
Can I have just intermediate CA certificate present in Vault, not RootCA certificate ?