• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 5598
  • Last Modified:

SSL: What is the difference between a root and intermediate certificate

Regarding SSL

What is the difference between a root and intermediate certificate
Anthony Lucia
Anthony Lucia
2 Solutions
The root certificate is the certificate of the publishing authority and is generally valid for a longer duration.

Intermediates certs are usually a shorter life and chain to the root of the certification authority.

Intermediates CA's generally allow issuing of end user certificates allowing less visibility and access to the root as well as less potential for compromise.

The CA you can say acts as a manufacturer, where designs and plans are created and the CA can act as a factory creating models based on designs by the manufacturer for eventual sale provisioning to end users.
Dave HoweSoftware and Hardware EngineerCommented:
Simpler: A root certificate is self-signed, has the "CA" flag set, and is in the root store for your computer and/or web browser.

An intermediate certificate is one that has the "CA" flag set and is signed by another certificate that has the "CA" flag set (you can have multiple levels of indirection, but to be valid, it must be signed by a valid CA or by a root CA)

an end certificate is one without the CA flag set, hence cannot be used to sign certificates further from the root.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

We Need Your Input!

WatchGuard is currently running a beta program for our new macOS Host Sensor for our Threat Detection and Response service. We're looking for more macOS users to help provide insight and feedback to help us make the product even better. Please sign up for our beta program today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now