How To Learn To Trust

A brief overview of PKI (Private Key Infrastructure) and why your certificate is trusted.

One of the most common questions we field is in relation to the "Concatenation of Trust." If you lot've ever had any questions nearly roots, intermediates or how SSL certificates are chained, you're discussing the Chain of Trust. This article will serve to explain how certificate chaining works and how a browser determines that your certificate can be trusted.

What is the Concatenation of Trust?

The Chain of Trust refers to your SSL certificate and how information technology is linked dorsum to a trusted Certificate Authority. In lodge for an SSL certificate to be trusted information technology has to be traceable back to the trust root it was signed off of, meaning all certificates in the chain – server, intermediate, and root, need to exist properly trusted. At that place are 3 parts to the chain of trust:

Root Document – A root certificate is a digital document that belongs to the issuing Certificate Authorisation. It comes pre-downloaded in most browsers and is stored in what is called a "trust store." The root certificates are closely guarded by the Certificate Authorities.

Intermediate Document – Intermediate certificates branch off of root certificates similar branches off of trees. They act as middle-men betwixt the protected root certificates and the server certificates issued out to the public. In that location will ever be at least 1 intermediate document in a chain, merely there can be more than than one.

Server Document – The server certificate is the one issued to the specific domain the user is needing coverage for,

How does the Chain of Trust piece of work?

When you install your SSL document, you'll likewise exist sent an intermediate root certificate or packet. When a browser downloads your website'south SSL document upon arriving at your homepage, it begins chaining that certificate dorsum to its root. Information technology volition begin by following the chain to the intermediate that has been installed, from there it continues to tracing backwards until it arrives at a trusted root certificate. If the certificate is valid and can exist chained back to a trusted root, it will be trusted. If it can't be chained back to a trusted root, the browser volition issue a warning about the certificate.

Troubleshooting Chain of Trust Bug

You volition occasionally receive errors regarding your certificate's Chain of Trust if something has been configured incorrectly. Here are some things to consider if you receive an error relating to your trust concatenation.

Was your SSL certificate issued past a trusted CA? If not, your SSL certificate will not be trusted past browsers.This would also exist an effect if you self-signed your document.
Did you install your intermediates properly? While some browsers will try to fill in any gaps in the certificate chain, y'all don't want to get out things to adventure. Make sure that y'all successfully install all intermediate certificates at the time you lot install your SSL certificate.
Is your server configured correctly? But because you lot've installed your SSL certificate and any accompanying intermediates doesn't hateful y'all've configured your server properly. If you're having problem with the installation of your document, our installation team would he happy to aid.

Every bit e'er, if you have any questions about the Chain of Trust experience costless to contact our Customer Experience Section!