Hi there,
Is anyone able to confirm if you have an environment with multiple platform services controller (all under the same SSO domain), do you need to setup each PSC as a Sub-CA if you intend to use say a Microsoft Certificate Authority?
Basically I have 2 vCenters and 2 Platform Services Controllers across 2 different sites all under the same SSO domain. I setup the first PSC as a sub-ca to my Microsoft PKI and everything is now signed off as I would like. In the second site, I setup the second vcenter and PSC and joined the PSC to the existing SSO domain. However, the vCenter and PSC will not sign certificates from the other PSC. It appears I have to set this PSC up as a sub-ca also. (I assume the secondary PSC does not replicate the certificate authority information from the first PSC??)
I just want to make sure this is the correct way or if I am missing something basic...
Thanks in advance for your help :smileyhappy:
Kind Regards,
Justin