User guide
Miscellaneous
other certificates) certifies that it comes from another certificate
(the intermediate certificate), which in turn certifies that it comes
from a further certificate (another intermediate), and so on until the
last certificate in the chain is reached (the root certificate, which
confirms the validity of the whole chain as well as the identity of its
issuer).
The whole structure of a certificate chain implies a hierarchy where the
highest rank is held by the root and the lowest by the leaves.
Figure 6-8: Certificate hierarchy
The root certificate is either a CA-issued certificate or a self-signed
one, i.e. it is signed with its own private key. From this root
certificate other certificates can be created (intermediates), which
enable other users to digitally sign items in the name of the root via
their private keys. Additionally, further certificates can be created
from intermediate certificates (either other intermediates or leaf
certificates). The last link in the chain is the leaf certificate, which
can only be used for signing, meaning other certificates cannot be
created from a leaf.
All certificates in a certificate chain refer back to the identity that is
bound to the root certificate and thus inherit the trustworthiness of the
root.
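The hierarchy described above can be reproduced with Go's standard crypto/x509 package. This is an added example, not part of the original guide or of the product it documents; the certificate names and the helper functions issue, verify and check are hypothetical. It builds a root, an intermediate and a leaf, then shows that a certificate issued from the leaf fails verification because the leaf is not marked as a CA.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issue creates a certificate for name, signed by parent's key; a nil parent yields a self-signed root.
func issue(name string, isCA bool, parent *x509.Certificate, signer ed25519.PrivateKey) (*x509.Certificate, ed25519.PrivateKey) {
	pub, key, err := ed25519.GenerateKey(rand.Reader)
	check(err)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: name},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour), BasicConstraintsValid: true, IsCA: isCA}
	if parent == nil {
		parent, signer = tmpl, key // root: signed with its own private key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer)
	check(err)
	cert, err := x509.ParseCertificate(der)
	check(err)
	return cert, key
}

// verify walks cert up to the trusted root via the supplied intermediates; nil means the chain is valid.
func verify(cert, root *x509.Certificate, mids ...*x509.Certificate) error {
	opts := x509.VerifyOptions{Roots: x509.NewCertPool(), Intermediates: x509.NewCertPool()}
	opts.Roots.AddCert(root)
	for _, c := range mids {
		opts.Intermediates.AddCert(c)
	}
	_, err := cert.Verify(opts)
	return err
}
func check(err error) {
	if err != nil {
		panic(err)
	}
}
func main() { // all names below are constructed sample values
	root, rootKey := issue("Example Root", true, nil, nil)
	mid, midKey := issue("Example Intermediate", true, root, rootKey)
	leaf, leafKey := issue("Example Leaf", false, mid, midKey)
	rogue, _ := issue("Issued By Leaf", false, leaf, leafKey) // leaf is not a CA
	fmt.Printf("leaf: %v\nissued by leaf: %v\n", verify(leaf, root, mid), verify(rogue, root, mid, leaf))
}
```

The rejection comes from the basic-constraints extension: only certificates created with isCA set to true are accepted as issuers when the chain is built.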