Using Lab CA for private acme certificates

[R0CKB0TT0M]

I've recently set up a Lab CA internal ACME Server and would like to use it for tactical rmm. This should technically be a drop in replacement for lets encrypt.Is it possible to do this? Could this functionality be added?

[dinger1986]

In the docs it tells you how to use your own certs, is that what you mean?

[silversword411]

Your certs either do or do not pass the chain of trust test from the context of your agents certificate root store.

https://www.keyfactor.com/blog/certificate-chain-of-trust/

Use your internal CA in place of LE if they pass root chain of trust from your agents.

If your agents don't trust your internal CA root certs, then you can do a TRMM --insecure install which disables all SSL validation protections and your agent traffic is insecure and vulnerable to MITM attack.

[R0CKB0TT0M]

I have rolled out the root certificate to my client computers trust store. Do I need to configure anything in the agent or does it use the system trust store?
Can I just edit the certboot command to get the certificate from my private acme server?

[silversword411]

If your agents root store pass SSL tests on your cert, there's nothing else to do.

Why are you asking about certbot at that point?