logo

Notification

Icon
Error

Options
Go to last post Go to first unread
Offline dima_t  
#1 Posted : Wednesday, February 17, 2016 6:35:56 PM(UTC)
dima_t

Rank: Member

Joined: 9/23/2015(UTC)
Posts: 29

Was thanked: 6 time(s) in 5 post(s)
Manual says that I should put all certificates to server PKI folder, including root CA certificate.
It is not secure to keep root CA certificate with the server, thus is it possible to keep just intermediate CA certificate?
Offline Basavaraju B V  
#2 Posted : Wednesday, February 17, 2016 9:59:00 PM(UTC)
Basavaraju B V

Rank: Advanced Member

Joined: 6/10/2015(UTC)
Posts: 34
Location: Bengaluru

Was thanked: 1 time(s) in 1 post(s)
Hi Dima_t,

UA specification says, complete chain of certificates has to be validated. So, if only intermediate CA certificate is kept in PKI folder, server will not be able to validate the certificates and, connection establishment is not possible without certificate validation.

Regards,
Basavaraju B V
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.

Matrikon Subscribe  |   Matrikon Unsubscribe  |   Global Unsubscribe  |   Privacy Statement  |   Do Not Sell My Personal Information