What is a chain of SSL certificates?

What is a chain of SSL certificates?

Overview
A chain of SSL certificates contains all of the certificates required to verify the subject identified by the end certificate.

Definition

A chain of SSL certificates contains all of the certificates required to verify the subject identified by the end certificate. Included are the end user (certificate), the certificates of any intermediate certificate authority (CA) and the root certificate. The root certificate issues a certificate for itself and is trusted by all the other members. Any intermediate CA in the chain owns a certificate issued by the CA one level up in the hierarchy of trust.

In order for any type of certificate to be used securely, the credibility of each certificate accepted should be verified. The process of this verification depends on the hierarchy of trust between the end user and the issuer of the certificate (Figure 1).

Figure 1. Hierarchy of trust.

Each certificate has a subject field that determines to whom the certificate was issued. Also, there is an issuer field which names the certification authority (CA) entitled to confirm the subject identity. Any new certificate must verify the authenticity of any certificates in the chain of certificate, starting from the original CA, to any intermediate CAs finishing at the end user. The validation process is performed to be certain the new certificate can be trusted, based on the verification of the other certificates in the chain (Figure 2).

Figure 2. Chain of SSL certificates.

If you have more questions regarding SSL chains of certificate, visit the Nexcess website or contact our Sales Team, available 9 a.m. to 5 p.m. eastern time (ET), Monday through Friday.

Article Rating (No Votes)
Rate this article
  • Icon PDFExport to PDF
  • Icon MS-WordExport to MS Word
 
Attachments Attachments
There are no attachments for this article.
Related Articles RSS Feed
How to generate a CSR in Nexcess Cloud
Added on Thu, Jun 7, 2018
What is SNI?
Added on Tue, Jan 10, 2017
What is a premium SSL certificate?
Added on Thu, Feb 5, 2015
What is an extended validation (EV) SSL certificate?
Added on Thu, Feb 5, 2015
How to purchase a wildcard SSL certificate
Added on Mon, Dec 17, 2018
How to generate CSRs
Added on Thu, Jun 7, 2018
What are the benefits of dedicated IP addresses?
Added on Tue, Jan 29, 2019
How to manage SSL certificates for system services
Added on Wed, Apr 15, 2015
What is a multi-domain SSL certificate?
Added on Thu, Feb 5, 2015
How to import SSL certificates in your Client Portal
Added on Thu, Sep 13, 2018