Trust Chain Configuration

Import CA Chain

  1. Navigate to Administration > System > Certificates > Trusted Certificates

  2. Click Import

  3. Upload DOMUS-CA-CHAIN.pem (root + intermediate)

  4. Enable trust options:

    • Trust for client authentication

    • Trust for certificate-based admin authentication

Verify Trust

netapi ise api-call openapi GET '/api/v1/certs/trusted-certificate?size=100' | \
  jq -r '.response[].friendlyName' | grep -i domus

Expected output:

DOMUS-ROOT-CA
DOMUS-ISSUING-CA

Certificate Chain File

Create chain file (if not exists):

cat DOMUS-ISSUING-CA.pem DOMUS-ROOT-CA.pem > DOMUS-CA-CHAIN.pem

Order: Issuing CA first, Root CA last.