Hello,

 

if I install a ca with ca_signing certificate signed by an external root ca, how do I request and retrieve a certificate containing the complete certificate chain?

 

I used caServerCert certificate profile to request/submit/approve a server certificate. When I export the certificate with pki ca-cert-show --encoded --output I get the plain PEM certificate without the chain. I tried also a modified profile with output class_id pkcs7OutputImpl but the certificate retrieved was the same.

 

Has anyone some hint?

 

Many thanks and regards

Uwe