CA Certificate

Table of Contents


A CA certificate is a certificate used by a certificate authority to sign certificate.

In the chain, it's

  • or the intermediate certificates. Most organizations create an intermediate certificate and sign server and client certificates with that intermediate. This allows administrators to keep the root locked down even further, they only need to handle it when creating new intermediates (and those intermediates can be quickly revoked).


A CA certificate is a certificate with the basicConstraints extension set to true <file ini> basicConstraints = critical, CA:true </code>

Powered by ComboStrap