CA chain.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 29/07/2016 06:13, asmarner at yahoo.com wrote:
> Hi,
>
> I am new to SSL stuff.
>
> I was wondering whether the CA chain of a certificate can be changed.
>
> Let say the initial chain is
>
> Server->Intermediate CA1->Intermediate CA2->Root CA
>
> and during renewal we have Server->Root CA
>
>
>

Renewal creates a brand new key with a brand new certificate,
which can (and often does) have an entirely new chain.For
example:

Server cert 2014->Big Name Intermediate G2014->Big Name Root CA R2010
Server cert 2016->Big Name Intermediate G2016->Big Name Root CA R2015

Also, it is possible to have more than one chain leading
to the same server cert, with the possibility to
reconfigure the server to send a different one of those
chains:

Server cert->Intermediate CA1->Intermediate CA2->Root CA1
Server cert->Intermediate CA1->Root CA2

Enjoy

Jakob
-- 
Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 S?borg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux