question

BojanZivkovic-7448 avatar image
0 Votes"
BojanZivkovic-7448 asked DSPatrick edited

Subordinate CA in remote locations

Hi, we have Enterprise Root Issuing CA in the US. It issues all sorts of certificates to both computers/users in all our locations (US, Serbia, Malta ...). One of them is user certificate which must be valid in order to let him/her into LAN via VPN (FortiClient). We are worried about consequences of WAN link between Serbia/Malta and HQ in US (where CA resides) being down for any reason - people would not be able to get VPN access and work remotely. Since CA we only have at the moment is Enterprise Root Issuing CA what do you think about setting up subordinate enterprise issuing CAs in Serbia and Malta to address problem if WAN link is down or there is something better to be done.

Thank you in advance!

windows-server-security
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

0 Answers