SSL/TLS certificates are important for securing communication over the internet. But what are these constituent components that make these certificates function? Now, exploring the domain of Root CAs and Intermediate CAs.
What is a Root CA?
The Root Certificate Authority (CA) is the highest on the trust hierarchy. It issues digital certificates that confirm the identity of other CAs called Intermediate CAs. These Root CAs are out of the box trusted by web browsers and OS level applications.
What is an Intermediate CA?
An Intermediate CA is a sub CA that will provide digital certificates to individual websites and servers. These certificates are signed by the Root CA establishing chain of trust.
How is the Chain of Trust associated with its functioning?
Root CA: The Root CA issues a digital certificate and then passes it to an Intermediate CA.
Intermediate CA: The Intermediate CA is an entity/automation that hands out digital certificates for a website/server.
Website or server: When the user opens the website or server, the browser checks the certificate chain. It pulls the certificate from the website to the Intermediate CA certificate, the Root CA certificate.
What is the significance of changes to Root and Intermediate CAs?
Root CA and Intermediate CA, alterations will affect the website and application security and work. These changes might include:
New Root CAs: browsers and operating systems may be required to update their trusted stores with new Root CAs.
Certificate Revocation — When a certificate is hacked or compromised, this will be revoked, and the browsers will be updated to recognize the same.
Certificate Policy Changes: Changes in certificate policy can impact the issuance and validation of certificates
To Keep in The Loop and Prevent Most Communication Problems.
