I wonder that US KMS can create certificate for Subordinate CA Certificate eg for Windows subortinate ?
Can you clarify what you want to do?
Do you want to use KMS to issue some end-entity certificates that are rooted in a Microsoft CA? Or something else?
General I want to sign KMS CA windows.
Because KMS don’t have user friendly API
But in same case some customer want store PKI material in one site.