OpenSSL Certificate Cross Signing

Previous Topic Next Topic
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

OpenSSL Certificate Cross Signing

Moritz Wirth
Good Evening all,

I have 2 Root Certificate Authorities which I want to use to cross sign
an intermediate certificate. I created a certificate request and signed
it with both CAs.

I issued an end user certificate with the intermediate CA and added both
intermediate CA Certificates (the one from Root1 and the one signed by
Root2). If only one CA is trusted, the certificate is still recognized
as trusted in Firefox regardless which certificate is on top of the
chain (Which is exactly what I want.)

I wondered if I can connect both intermediate Certificates to a single
certificate or do I always need both certificates?

Best Regards,


openssl-users mailing list
To unsubscribe: