A chain of SSL certificates contains all of the certificates required to verify the subject identified by the end certificate.
A chain of SSL certificates contains all of the certificates required to verify the subject identified by the end certificate. Included are the end user (certificate), the certificates of any intermediate certificate authority (CA) and the root certificate. The root certificate issues a certificate for itself and is trusted by all the other members. Any intermediate CA in the chain owns a certificate issued by the CA one level up in the hierarchy of trust.
In order for any type of certificate to be used securely, the credibility of each certificate accepted should be verified. The process of this verification depends on the hierarchy of trust between the end user and the issuer of the certificate.
Each certificate has a subject field that determines to whom the certificate was issued. Also, there is an issuer field which names the certification authority (CA) entitled to confirm the subject identity.
Any new certificate must verify the authenticity of any certificates in the chain of certificate, starting from the original CA, to any intermediate CAs finishing at the end user. The validation process is performed to be certain the new certificate can be trusted, based on the verification of the other certificates in the chain.
If you have more questions regarding SSL chains of certificate, visit the Nexcess website or contact our sales team, available 9 a.m. to 5 p.m. eastern time (ET), Monday through Friday.