I m creating a CA named CA1 using openssl.
CA1 needs to certify other certification authorities called CA2 & CA3 (generated through openssl).
Can anybody tell how to sign CA2 cert by CA1 ?
Further, say A has obtained certificate from CA2 & B has obtailed certificate from CA3.
Now, A and B needs to communicate:-
So, if A has to verify B cert, which certificates should be CA cert directory & in which order ?
according to my understanding A should have
1. CA1 cert.
2. CA2 cert signed by CA1.
3. CA3 cert signed by CA2.
What you think ?
Thanks in advance.
Expecting help from the community......