Forum Discussion

Ronald-van-der-Meer's avatar
Ronald-van-der-Meer
Iron Contributor
Mar 11, 2026

Issue with creating an issuing CA in Cloud PKI

I have activated an trial license for Cloud PKI a couple of days ago.
I follow this guide to create a Root and Issuing CA https://oliverkieselbach.com/2024/03/04/how-to-configure-cloud-pki-certificate-based-wifi-with-intune/

I could create a root certificate successfully, but when i want create an issuing certificate i'm getting this error 'CA failed to be created'
I have waited to a couple of hours to try it again but still no luck.

What can cause this issue and how to solve this?

Cloud PKI
Intune

3 Replies

  • Ronald-van-der-Meer's avatar
    Ronald-van-der-Meer
    Iron Contributor
    Mar 11, 2026

    I solved it but not in a way i was expecting it.
    I had configured the root CA validity at 25 years and the Issuing CA at 10 years. That failed.
    I now lowered the validity of the issuing CA to 8 years. That worked.

    Is there known issue that selected 10 years results in this error?

    • Humble-IT-Guy's avatar
      Humble-IT-Guy
      Copper Contributor
      Mar 17, 2026

      Thanks for sharing, I was stuck on exactly the same thing.

      Lowering the validity of the issuing CA to 8 years did the trick.

    • dflukey's avatar
      dflukey
      Copper Contributor
      Mar 13, 2026

      Hi, just wanted to leave a comment here to thank you for troubleshooting this! Great work!

      Changing from 10 to 8 years on the issuing CA solved it for us as well

       

      Great job with the UI and error messages, Microsoft 😒