logo

Notification

Icon
Error
Is it possible to use Intermediate CA without Root CA?
Options
Go to last post Go to first unread
Previous Topic Next Topic
Offline dima_t  
#1 Posted : Wednesday, February 17, 2016 6:35:56 PM(UTC)
dima_t

Rank: Member

Joined: 9/23/2015(UTC)
Posts: 29

Was thanked: 6 time(s) in 5 post(s)
Manual says that I should put all certificates to server PKI folder, including root CA certificate.
It is not secure to keep root CA certificate with the server, thus is it possible to keep just intermediate CA certificate?
Back to top
Offline Basavaraju B V  
#2 Posted : Wednesday, February 17, 2016 9:59:00 PM(UTC)
Basavaraju B V

Rank: Advanced Member

Joined: 6/10/2015(UTC)
Posts: 34
Location: Bengaluru

Was thanked: 1 time(s) in 1 post(s)
Hi Dima_t,

UA specification says, complete chain of certificates has to be validated. So, if only intermediate CA certificate is kept in PKI folder, server will not be able to validate the certificates and, connection establishment is not possible without certificate validation.

Regards,
Basavaraju B V
Back to top
BLOG Google+
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.

© 2023 Honeywell International Inc. | Terms of Use
Matrikon Subscribe  |   Matrikon Unsubscribe  |   Global Unsubscribe  |   Privacy Statement  |   Do Not Sell My Personal Information   |   Cookie Notice