diff --git a/authority/authority.go b/authority/authority.go
index cc26635e..1aac594a 100644
--- a/authority/authority.go
+++ b/authority/authority.go
@@ -253,6 +253,21 @@ func (a *Authority) init() error {
 		}
 	}
 
+	// Initialize linkedca client if necessary. On a linked RA, the issuer
+	// configuration might come from majordomo.
+	var linkedcaClient *linkedCaClient
+	if a.config.AuthorityConfig.EnableAdmin && a.linkedCAToken != "" && a.adminDB == nil {
+		linkedcaClient, err = newLinkedCAClient(a.linkedCAToken)
+		if err != nil {
+			return err
+		}
+		// If authorityId is configured make sure it matches the one in the token
+		if id := a.config.AuthorityConfig.AuthorityID; id != "" && !strings.EqualFold(id, linkedcaClient.authorityID) {
+			return errors.New("error initializing linkedca: token authority and configured authority do not match")
+		}
+		linkedcaClient.Run()
+	}
+
 	// Initialize the X.509 CA Service if it has not been set in the options.
 	if a.x509CAService == nil {
 		var options casapi.Options
@@ -260,6 +275,22 @@ func (a *Authority) init() error {
 			options = *a.config.AuthorityConfig.Options
 		}
 
+		// Configure linked RA
+		if linkedcaClient != nil && options.CertificateAuthority == "" {
+			conf, err := linkedcaClient.GetConfiguration(context.Background())
+			if err != nil {
+				return err
+			}
+			if conf.RaConfig != nil {
+				options.CertificateAuthority = conf.RaConfig.CaUrl
+				options.CertificateAuthorityFingerprint = conf.RaConfig.Fingerprint
+				options.CertificateIssuer = &casapi.CertificateIssuer{
+					Type:        conf.RaConfig.Provisioner.Type.String(),
+					Provisioner: conf.RaConfig.Provisioner.Name,
+				}
+			}
+		}
+
 		// Set the issuer password if passed in the flags.
 		if options.CertificateIssuer != nil && a.issuerPassword != nil {
 			options.CertificateIssuer.Password = string(a.issuerPassword)
@@ -481,24 +512,13 @@ func (a *Authority) init() error {
 		// Initialize step-ca Admin Database if it's not already initialized using
 		// WithAdminDB.
 		if a.adminDB == nil {
-			if a.linkedCAToken == "" {
-				// Check if AuthConfig already exists
-				a.adminDB, err = adminDBNosql.New(a.db.(nosql.DB), admin.DefaultAuthorityID)
-				if err != nil {
-					return err
-				}
+			if linkedcaClient != nil {
+				a.adminDB = linkedcaClient
 			} else {
-				// Use the linkedca client as the admindb.
-				client, err := newLinkedCAClient(a.linkedCAToken)
+				a.adminDB, err = adminDBNosql.New(a.db.(nosql.DB), admin.DefaultAuthorityID)
 				if err != nil {
 					return err
 				}
-				// If authorityId is configured make sure it matches the one in the token
-				if id := a.config.AuthorityConfig.AuthorityID; id != "" && !strings.EqualFold(id, client.authorityID) {
-					return errors.New("error initializing linkedca: token authority and configured authority do not match")
-				}
-				client.Run()
-				a.adminDB = client
 			}
 		}
 
diff --git a/authority/linkedca.go b/authority/linkedca.go
index 00d5ceef..6a0800c2 100644
--- a/authority/linkedca.go
+++ b/authority/linkedca.go
@@ -152,13 +152,21 @@ func (c *linkedCaClient) GetProvisioner(ctx context.Context, id string) (*linked
 }
 
 func (c *linkedCaClient) GetProvisioners(ctx context.Context) ([]*linkedca.Provisioner, error) {
+	resp, err := c.GetConfiguration(ctx)
+	if err != nil {
+		return nil, err
+	}
+	return resp.Provisioners, nil
+}
+
+func (c *linkedCaClient) GetConfiguration(ctx context.Context) (*linkedca.ConfigurationResponse, error) {
 	resp, err := c.client.GetConfiguration(ctx, &linkedca.ConfigurationRequest{
 		AuthorityId: c.authorityID,
 	})
 	if err != nil {
-		return nil, errors.Wrap(err, "error getting provisioners")
+		return nil, errors.Wrap(err, "error getting configuration")
 	}
-	return resp.Provisioners, nil
+	return resp, nil
 }
 
 func (c *linkedCaClient) UpdateProvisioner(ctx context.Context, prov *linkedca.Provisioner) error {
@@ -205,11 +213,9 @@ func (c *linkedCaClient) GetAdmin(ctx context.Context, id string) (*linkedca.Adm
 }
 
 func (c *linkedCaClient) GetAdmins(ctx context.Context) ([]*linkedca.Admin, error) {
-	resp, err := c.client.GetConfiguration(ctx, &linkedca.ConfigurationRequest{
-		AuthorityId: c.authorityID,
-	})
+	resp, err := c.GetConfiguration(ctx)
 	if err != nil {
-		return nil, errors.Wrap(err, "error getting admins")
+		return nil, err
 	}
 	return resp.Admins, nil
 }