[Ach] Publish own CA certificate. Loss of security?

Torge Riedel torgeriedel at gmx.de
Sun Jan 19 11:29:39 CET 2014


just a question I was just faced with:

For my own server I created my own CA certificate with which I signed new certificates for all of my services. My CA certificate is protected by a key. Is it a loss of security if I publish the CA certificate by - let's say - a web site so visitors of my https-protected web site can import it to their browser's cert list?

As I understood no one else can use my CA certificate to sign own certificates without knowing the key. Is this right?

Thanks in advance

More information about the Ach mailing list