How to make your CA trusted?

N

Nicholas Secret2016-06-15 00:28:07

Digital certificates

Nicholas Secret, 2016-06-15 00:28:07

I had a thought that seems crazy, but real. I want to fill the gap in knowledge with the following question. I plan to deploy CA in the enterprise network. It will issue self-signed certificates for s/mime mostly, but we'll see. So far so good, though! I thought instead of manually adding his certificate to the trusted ones, sign his public key somewhere on wosing or stassl, using his Internet-accessible domain name. and then learn that the certificates that he issued and signed will be signed by ca, which itself is signed in root ca. and then the signatures of my employees in the mail will be trusted by everyone.
questions: what I don't know about certificates? is such a scheme possible? perhaps I need some other type of certificates than san dv?

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

E

Eugene, 2016-06-15
@yellowmew

Can I get an Intermediate CA signed by the Root Authority?
especially read the article on MS, paying attention to phrases like "therefore the price is quite high"
and the requirements for your own CA that must be met in order for you to issue a certificate for your CA

D

Dadilo, 2016-06-15
@Dadilo

If inside, then it's easy.
The easiest way is to place the certificate of your certificate authority in the registries of local computers in the "certificate authorities" section.
But external consumers will not care about your certificates.