We hit a snag today with the latest and greatest 3.15 release. We’re doing hybrid (tenanted/untenanted) deployments and noticed that when checking “Include in both tenanted and un-tenanted deployments” on a certificate and then assigning a tenant it, our users are no longer able to view that certificate in certificate manager and get an error saying that they’re missing CertificateView permission. However, they can still assign it to variables.
We tried a number of things to resolve this.
We attempted to remove tenant from certificate’s tenant filter, hoping that no tenant in the filter will make the certificate available to all tenants. This didn’t work. Our tenanted deployments started failing because OD couldn’t find the cert assigned to the variable.
We put the tenant back into certificate’s tenant filter and tried assigning that same tenant to the team’s otherwise empty tenants filter. Still, nobody on the team, except for admins, could view the certificate in certificate manager.
Finally we tried assigning Certificate Manager role non-admin users and oddly this still didn’t work.
Is this a bug or are we missing something in the settings?