0Pricing
Cryptology Academy · Lesson

Certificate Authorities & Trust Chains

Learn root CAs, intermediate CAs, and how browsers verify certs.

Welcome

Certificate Authorities are the trust anchors of the internet. In this lesson we trace how root CAs, intermediate CAs, and leaf certificates form a chain of trust.

Root CA

A root CA is self-signed: Issuer == Subject. Root CA private keys are kept offline in HSMs in multiple secure facilities. There are ~150 root CAs trusted by major browsers.

All lessons in this course

  1. What Is a Certificate? X.509 Structure
  2. Certificate Authorities & Trust Chains
  3. Certificate Revocation: CRL & OCSP
  4. Creating Self-Signed Certs with OpenSSL
← Back to Cryptology Academy