Can someone explain what a Root Certificate Authority is
and how it relates to a Common Server Certificate
I know how to make it work ( as in what to click and stick in the boxes and
how to generate certificate for clients etc ) but I don’t really get the fundamentals
Possible this answer is going to be loooooooong so if anyone feels like
doing me a certificate for dummies reply I would appreciate it, alternatively
if you could point me to a good ( ideally a opensuse specific ) idiots guide
that would be good too
The system is hierarchical. The Root CA is at the top of the hierarchy. Trust is supposed flow down the hierarchy.
In a simple arrangement, the root CA signs a server certificate, and that signature certifies the validity of the server certificate to the extent that the root CA has chosen to investigate that validity.
In a more complex arrangement, the root CA might sign a certificate for a secondary CA, and in turn that secondary CA signs the server certificate.
I might post a longer “certificates for dummies” at my blog. I hope you don’t mind my stealing that title. If I do decide to post that, then I’ll add a link in this thread.
And calling names: there were updates in the Update repo (now about a month ago) where FF removed Diginotar from it’s list of trusted CAs.
People reading your "Certificates for dummies"carefuully will now be able to understand waht this means.
Please, that is very, very off-topic here. When you have an NFS question/problem, start a thread with an explaining title in the Network forum. That might draw the attention of NFS gurus. Not when you hide your question in this thread which has avery different subject.
