Forum Discussion
Amit_V_Chavan_1
Nimbostratus
NimbostratusDifference between Root Cert, Intermediate Cert and SSL Cert
Hello Every one,
Can any one please help me with difference between Root Cert, Intermediate Cert and SSL Cert?
StephanManthey
Nacreous
NacreousPerhaps wikipedia has a better explanation for the whole thing.
Here is a quick answer for the BIG-IP related part.
- a private key is generated on the big-ip and kept in the filestore (will be used later in your clientssl profile as 'key')
- a certificate signing request will be created for the specific hostname and with some specific attributes
- you will submit the certificate signing request to a certficate authority (CA)
- the CA with return a signed certficate. You will import it into the TMOS filestore and use it in your clientssl profile as 'certficate'.
- the CA will also provide a so called intermediate CA file or chain certificate. It proves, that your choosen CA is trusted by one of the root CAs. You will need the intermedidate CA certificate as 'chain' certificate in your clientssl profile
The root CAs are already trusted CAs in the clients browsers. By presenting an intermediate certificate you prove the full chain of trust between the signed certficate, the signing CA and one of the root CAs.
Makes sense?
