7.10. Certificate Authority Roles

Within the enterprise, the PKI is usually comprised of multiple certificate authorities, each of which contains one of several roles. These range from the most fundamental of all roles—the root CA role—to a simple CA issuing certificates, all of which fit somewhere within the CA hierarchy.

7.10.1. Root CA Role

The root CA in an organization is the first installed and most important CA in the entire infrastructure. Ultimately, the root CA contains the authority to sign certificates as well as authorize other subordinate CAs throughout the organization. And authorizing subordinate CAs is the activity that most root CAs spend the majority of their time undertaking.

Logically, what happens with a root CA is that ...

Get MCITP: Windows Server® 2008 Enterprise Administrator, Study Guide now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial