Forum Discussion

Ronald-van-der-Meer's avatar
Ronald-van-der-Meer
Iron Contributor
Mar 11, 2026

Issue with creating an issuing CA in Cloud PKI

I have activated an trial license for Cloud PKI a couple of days ago. I follow this guide to create a Root and Issuing CA https://oliverkieselbach.com/2024/03/04/how-to-configure-cloud-pki-certifica...
Cloud PKI
Intune
Ronald-van-der-Meer's avatar
Ronald-van-der-Meer
Iron Contributor
Mar 11, 2026

I solved it but not in a way i was expecting it.
I had configured the root CA validity at 25 years and the Issuing CA at 10 years. That failed.
I now lowered the validity of the issuing CA to 8 years. That worked.

Is there known issue that selected 10 years results in this error?

  • Humble-IT-Guy's avatar
    Humble-IT-Guy
    Copper Contributor
    Mar 17, 2026

    Thanks for sharing, I was stuck on exactly the same thing.

    Lowering the validity of the issuing CA to 8 years did the trick.

  • dflukey's avatar
    dflukey
    Copper Contributor
    Mar 13, 2026

    Hi, just wanted to leave a comment here to thank you for troubleshooting this! Great work!

    Changing from 10 to 8 years on the issuing CA solved it for us as well

     

    Great job with the UI and error messages, Microsoft 😒