Announcement

Collapse
No announcement yet.

CAs and self-issued certificates

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • CAs and self-issued certificates

    I'd just like to review something I covered off in training recently, and an idea it gave me.


    If I have a CA root within our environment, I can use that to issue certificates. Those certificates will be valid within our environment, as long as we import the CA Root certificate via GPO or similar.

    so far so good, yea ?

    Now - assume I still want to self-issue certificates, but I want them to be issued and fully trusted externally.

    If I have a valid certificiate issued from say Verisign, and we use that on our CA root, then issue certificates, the chain is valid, even if you're outside our environment correct ?

    Because our server42.thecamel.com certificiate has been issued by Thecamel.com root CA, which has a valid verisign certificate

    or am I off the mark?

    And obviously, I'd need a different sort of certificate - just a standard verisign cert wouldn't work ?
    Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

  • #2
    Re: CAs and self-issued certificates

    You're off the mark,

    Nobody is going to add your CA as a child CA within their PKI.

    Comment


    • #3
      Re: CAs and self-issued certificates

      thanks..
      Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

      Comment


      • #4
        Re: CAs and self-issued certificates

        Not quite true, if you can make business out of it..
        you should become a partner I believe

        http://www.verisign.com/partners/ssl...ams/index.html
        Marcel
        Technical Consultant
        Netherlands
        http://www.phetios.com
        http://blog.nessus.nl

        MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
        "No matter how secure, there is always the human factor."

        "Enjoy life today, tomorrow may never come."
        "If you're going through hell, keep going. ~Winston Churchill"

        Comment

        Working...
        X