Nexcess Logo

What is a chain of SSL certificates?

Knowledge Base Home

Notice anything different?

We've enhanced the appearance of our portal and we're working on updating screenshots. Things might look different, but the functionality remains the same.
September 09, 2019

A chain of SSL certificates contains all of the certificates required to verify the subject identified by the end certificate.

Definition

A chain of SSL certificates contains all of the certificates required to verify the subject identified by the end certificate. Included are the end user (certificate), the certificates of any intermediate certificate authority (CA) and the root certificate. The root certificate issues a certificate for itself and is trusted by all the other members. Any intermediate CA in the chain owns a certificate issued by the CA one level up in the hierarchy of trust.

In order for any type of certificate to be used securely, the credibility of each certificate accepted should be verified. The process of this verification depends on the hierarchy of trust between the end user and the issuer of the certificate.

Each certificate has a subject field that determines to whom the certificate was issued. Also, there is an issuer field which names the certification authority (CA) entitled to confirm the subject identity. 

Any new certificate must verify the authenticity of any certificates in the chain of certificate, starting from the original CA, to any intermediate CAs finishing at the end user. The validation process is performed to be certain the new certificate can be trusted, based on the verification of the other certificates in the chain.

If you have more questions regarding SSL chains of certificate, visit the Nexcess website or contact our sales team, available 9 a.m. to 5 p.m. eastern time (ET), Monday through Friday.

Jason Dobry
We use cookies to understand how you interact with our site, to personalize and streamline your experience, and to tailor advertising. By continuing to use our site, you accept our use of cookies and accept our Privacy Policy.