Tasks
-
Add new root to existing server cert chain
-
Determine key type
- What do clients support?
- What does the onboarding tool support?
- What does the PKI infrastructure support?
-
How do we create the USERTrust intermediate cert?
- Solved in openssl, assuming direct access to the new root's private key
- Unknown how to do this in Vault
-
Determine key type
- [ ]