For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Amit_V_Chavan_1's avatar
Amit_V_Chavan_1
Icon for Nimbostratus rankNimbostratus
Sep 23, 2013

Difference between Root Cert, Intermediate Cert and SSL Cert

Hello Every one,   Can any one please help me with difference between Root Cert, Intermediate Cert and SSL Cert?  
StephanManthey's avatar
StephanManthey
Icon for Nacreous rankNacreous
Sep 23, 2013

Perhaps wikipedia has a better explanation for the whole thing.

 

Here is a quick answer for the BIG-IP related part.

 

  1. a private key is generated on the big-ip and kept in the filestore (will be used later in your clientssl profile as 'key')
  2. a certificate signing request will be created for the specific hostname and with some specific attributes
  3. you will submit the certificate signing request to a certficate authority (CA)
  4. the CA with return a signed certficate. You will import it into the TMOS filestore and use it in your clientssl profile as 'certficate'.
  5. the CA will also provide a so called intermediate CA file or chain certificate. It proves, that your choosen CA is trusted by one of the root CAs. You will need the intermedidate CA certificate as 'chain' certificate in your clientssl profile

The root CAs are already trusted CAs in the clients browsers. By presenting an intermediate certificate you prove the full chain of trust between the signed certficate, the signing CA and one of the root CAs.

 

Makes sense?