CA1 signing CA2's certificate

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

CA1 signing CA2's certificate

Raj Singh-5
Hi All,
I m creating a CA named CA1 using openssl.
CA1 needs to certify other certification authorities called  CA2 & CA3 (generated through openssl).
                          /         \
                        CA2      CA3
                        /              \
                      <A>           <B>

Can anybody tell how to sign CA2 cert by CA1 ?
Further, say A has obtained certificate from CA2 & B has obtailed certificate from CA3.
Now, A and B needs to communicate:-
So, if A has to verify B cert, which certificates should be CA cert directory & in which order ?
according to my understanding A should have
1. CA1 cert.
2. CA2 cert signed by CA1.
3. CA3 cert signed by CA2.

What you think ?

Thanks in advance.
Expecting help from the community......

Rajeshwar Singh