When you buy an SSL Certificate from GoDaddy.com you may come across the concept of intermediate certificates, which must be installed along with your SSL Certificate.
But what is an intermediate certificate, exactly? An intermediate certificate is a subordinate certificate issued by the trusted root specifically to issue end-entity server certificates. The result is a certificate chain that begins at the trusted root CA, through the intermediate and ending with the SSL certificate issued to you.
Creating certificates directly from the CA root certificate increases the risk of root certificate compromise, and if the CA root certificate is compromised, the entire trust infrastructure built by the SSL provider will fail. The usage of intermediate certificates for issuing SSL certificates to end entities, therefore, provides an added level of security. In an attempt to enhance the security of the Root certificate, Go Daddy, in fact, creates two intermediate certificates from which SSL certificates are signed and issued.
Once Go Daddy issues your SSL certificate, they will send you an email message containing a link for downloading the signed certificate, along with the intermediate certificates. The specific procedure through which the intermediate certificates are installed depends on the type of server software you are using. In most cases, you can download and install an intermediate certificate bundle, but for certain server types, you must download and install the two intermediate certificates individually.
没有评论:
发表评论