I am using the Beta Hub as I need to place the same cert on multiple web servers. The new feature External Certificate Subscription is exactly what I need. I have attempted to set this up; however, I receive the error “External certificate update could not be validated as deployable PFX data.”
I gave the cert consumer role to the remote host and just to validate have given every role to the hub and the remote server. Same error. Debug doesnt add to the log.
Thanks for trying that feature out, do you current have a working cert on the hub that you are trying to subscribe to?
I can confirm that you only need to assign the cert consumer role to the instance that’s pull the cert from the hub.
Is there a password set on the PFX? If so that’s won’t (currently) work as the certificate consumer doesn’t know the password.
Thank you!! That was the issue, the password on the PFX. Removing the password allowed the remote system to get the specified cert and deploy it.