UCS CA - Sign Intermediate CSR from HashiCorp Vault (PKI)

My goal is to issue certificates in HashiCorp Vault.

The steps to achieve this:

  • Create an intermediate CA in Vault.
  • Create an intermediate certificate signing request (in Vault).
  • Take the signing request from the intermediate authority and sign it using another certificate authority (UCS CA).
  • Set the intermediate certificate authority's signing certificate to the root-signed certificate (in Vault).

The result would be: The intermediate certificate authority is now configured and ready to issue certificates.

I know how to do this with cfssl and other tools but it would be very cool to have the functionality within the CA system of UCS.

Thanks in advance.
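
The signing step from the list above, as an added example that is not part of the original post and not UCS or Vault project code. It signs a CSR as a subordinate CA with plain `openssl`; the constructed root CA and CSR stand in for the UCS CA and for Vault's CSR, and the `pki_int` mount path, file names and common names are assumptions.

```shell
#!/bin/sh
# Vault side, shown as comments because it needs a running Vault server.
# The mount path "pki_int" and the common name are assumptions:
#   vault secrets enable -path=pki_int pki
#   vault write -field=csr pki_int/intermediate/generate/internal \
#       common_name="Example Intermediate CA" > intermediate.csr
#   (sign intermediate.csr with the root CA, see sign_intermediate below)
#   vault write pki_int/intermediate/set-signed certificate=@intermediate.pem

# sign_intermediate CA_CERT CA_KEY CSR OUT
# Issues a subordinate CA certificate from a CSR. The extensions matter:
# without CA:TRUE and keyCertSign the result is only a leaf certificate.
sign_intermediate() {
    ext=$(mktemp) || return 1
    cat > "$ext" <<'EOF'
basicConstraints = critical, CA:TRUE, pathlen:0
keyUsage = critical, keyCertSign, cRLSign
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid
EOF
    openssl x509 -req -in "$3" -CA "$1" -CAkey "$2" -CAcreateserial \
        -days 1825 -sha256 -extfile "$ext" -out "$4" 2>/dev/null
    rc=$?
    rm -f "$ext"
    return "$rc"
}

# demo: constructed root CA and CSR stand in for the UCS CA and Vault's CSR.
# The chain must verify and the issued certificate must be marked as a CA.
demo() {
    d=$(mktemp -d) || return 1
    openssl req -x509 -newkey rsa:2048 -nodes -days 3650 \
        -subj "/CN=Constructed Root CA" \
        -keyout "$d/root.key" -out "$d/root.pem" 2>/dev/null &&
    openssl req -new -newkey rsa:2048 -nodes \
        -subj "/CN=Constructed Intermediate CA" \
        -keyout "$d/int.key" -out "$d/intermediate.csr" 2>/dev/null &&
    sign_intermediate "$d/root.pem" "$d/root.key" \
        "$d/intermediate.csr" "$d/intermediate.pem" &&
    openssl verify -CAfile "$d/root.pem" "$d/intermediate.pem" >/dev/null 2>&1 &&
    openssl x509 -in "$d/intermediate.pem" -noout -text | grep -q 'CA:TRUE'
    rc=$?
    rm -rf "$d"
    [ "$rc" -eq 0 ] && echo "intermediate OK"
    return "$rc"
}

demo
```

`pathlen:0` keeps the Vault intermediate from creating further subordinate CAs; it can still issue end-entity certificates.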
