Chapter 10. Multiple Certificates per Entity

In this chapter, we discuss the situation in which a single PKI entity holds multiple valid certificates, and we give a number of reasons why such a situation might not only be possible but also desirable. The concept of different uses for key pairs is presented; some attention is also given to the relationship between key pairs and certificates.

Multiple Key Pairs

As time goes on and PKI deployments grow in number and in function, a PKI entity will typically have a number of key pairs even if all key pairs, on the surface, appear to be used for the same purpose (such as signing data). This is because a strong correspondence can exist between a key pair and a “role”—that is, between a key pair and one ...
