Hello @Bojan Zivkovic ,
Thank you for posting here.
If there is no two-way forest trust, we can try to deploy cross-forest certificate enrollment in AD test lab according to the following article if needed.
Starting with Windows Server 2008 R2, you can utilize Certificate Enrollment Web Services to provide certificates across forests that do not require forest trust relationships. For a lab demonstration of such a configuration using Windows Server® 2012, see the Test Lab Guide Mini-Module: Cross-Forest Certificate Enrollment using Certificate Enrollment Web Services.
For more information, please refer to link below.
Test Lab Guide Mini-Module: Cross-Forest Certificate Enrollment using Certificate Enrollment Web Services
Hope the information above is helpful.
Should you have any question or concern, please feel free to let us know.
If the Answer is helpful, please click "Accept Answer" and upvote it.