Request Computer Certificate from CA in another AD Forest

Frequent Contributor

Hello I am wondering if there is a way to generate a certificate request for a computer in one AD forest and use the CSR to generate the certificate on the CA in another AD forest. Does anyone know if this is possible? I cannot find documentation on this in my Google searches. Thanks in advance!

2 Replies
best response confirmed by charlie4872 (Frequent Contributor)
To auto-enroll it, I think there has to be a Forest trust so that you can use a group for the computer to allow it to auto-enroll. You can always create a CSR manually and let it sign by a CA, doesn't matter if it's in another forest or if it is a public CA even.
Did this answer your question?