What is a chain of SSL certificates?

What is a chain of SSL certificates?

Overview
A chain of SSL certificates contains all of the certificates required to verify the subject identified by the end certificate.

Definition

A chain of SSL certificates contains all of the certificates required to verify the subject identified by the end certificate. Included are the end user (certificate), the certificates of any intermediate certificate authority (CA) and the root certificate. The root certificate issues a certificate for itself and is trusted by all the other members. Any intermediate CA in the chain owns a certificate issued by the CA one level up in the hierarchy of trust.

In order for any type of certificate to be used securely, the credibility of each certificate accepted should be verified. The process of this verification depends on the hierarchy of trust between the end user and the issuer of the certificate (Figure 1).

Figure 1. Hierarchy of trust.

Each certificate has a subject field that determines to whom the certificate was issued. Also, there is an issuer field which names the certification authority (CA) entitled to confirm the subject identity. Any new certificate must verify the authenticity of any certificates in the chain of certificate, starting from the original CA, to any intermediate CAs finishing at the end user. The validation process is performed to be certain the new certificate can be trusted, based on the verification of the other certificates in the chain (Figure 2).

Figure 2. Chain of SSL certificates.

If you have more questions regarding SSL chains of certificate, visit the Nexcess website or contact our Sales Team, available 9 a.m. to 5 p.m. eastern time (ET), Monday through Friday.

Article Rating (No Votes)
Rate this article
  • Icon PDFExport to PDF
  • Icon MS-WordExport to MS Word
 
Attachments Attachments
There are no attachments for this article.
Related Articles RSS Feed
How to manage SSL certificates for system services
Added on Wed, Apr 15, 2015
What is a CSR?
Added on Mon, Sep 8, 2014
How to rekey your SSL certificate
Added on Wed, Aug 15, 2018
How to import SSL certificates in your Client Portal
Added on Thu, Sep 13, 2018
How to purchase SSL certificates from your Client Portal
Added on Thu, Sep 13, 2018
How to renew your SSL certificate
Added on Mon, Feb 23, 2015
How to purchase an extended validation (EV) standard SSL certificate
Added on Mon, Dec 22, 2014
How to install SSL certificates with SiteWorx
Added on Wed, Mar 13, 2019
What are the benefits of dedicated IP addresses?
Added on Tue, Jan 29, 2019
How to generate CSRs
Added on Thu, Jun 7, 2018