ACMEv2 clients must trust the CA certificate chain for the Entrust PKI Hub cluster’s TLS certificate. The cluster’s TLS certificate secures Certificate Enrollment Gateway’s TLS traffic. If ACMEv2 clients do not trust the CA certificate chain, the clients will fail to establish a secure TLS connection to Certificate Enrollment Gateway.
While some ACMEv2 clients may allow insecure TLS connections, you should avoid these connections for security reasons.
See your ACMEv2 client documentation for instructions about adding certificates to the ACMEv2 client.