Certificate hierarchy

The Certificate Authority (CA) is the ultimate authority as it holds the master key, also known as the root key, to sign all of the certificates that it gives the Intermediary, which then in turn issues to the requester:

Figure 1: Certificate hierarchy
  • Online CA: An internal online CA is always up and running so that people in the company can request a certificate at any time of the day or night. The environment would not be a government or a top security environment.
  • Offline CA: An offline CA is for a military or secure environment where clearance and vetting must be completed before someone can be issued a certificate. ...

Get CompTIA Security+ Certification Guide now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.