What is the certificate chain of trust?

5 minintermediatechain-of-trustpkicertificates

Quick Answer

A chain of trust links a website's certificate (the leaf) up through one or more intermediate CA certificates, to a root CA certificate the browser already trusts. Each certificate is signed by the one above it. CAs rarely sign website certificates directly with their root key — they use intermediates instead, so the root's private key can stay offline and better protected.

Detailed Answer

A certificate is rarely trusted alone. Instead, browsers verify a chain, from the website's certificate up to a root the browser already trusts.

[ Root CA certificate ]        <- pre-installed and trusted by the browser
        |  signs
        v
[ Intermediate CA certificate ]
        |  signs
        v
[ Leaf certificate: example.com ]   <- sent by the server during the handshake

Why the extra "intermediate" layer? A root CA's private key is extremely sensitive — if it ever leaked, every certificate it ever signed would become untrustworthy. So root CAs keep their private key offline, in tightly controlled storage, and use it only to sign a small number of intermediate CA certificates. Intermediates then do the everyday work of signing website certificates.

How a browser verifies the chain, when it connects to a site:

  1. The server sends its leaf certificate, plus any intermediate certificates.
  2. The browser checks: is the leaf's signature valid, using the intermediate's public key?
  3. The browser checks: is the intermediate's signature valid, using a root's public key?
  4. The browser checks: is that root already in its trusted store?
  5. If every check passes, the browser trusts the leaf certificate and the domain identity it represents.

Related Resources