What is an intermediate certificate?
The intermediate certificate is a certificate that was issued as a dividing layer between the Certificate Authority and the end users certificate. It serves as a verification device that tells a browser that a certificate was issued on a safe, valid source, the CAs root certificate. These root certificates are part of the browsers by default.
The intermediate certificate is issued along with every SSL certificate order, and needs to be installed on the server at the same time. By using the fingerprint of the intermediate certificate that is part of the end users certificate, a browser can check whether the certificate was issued on a valid root certificate.
It may occur that an end user certificate was issued on a chain of multiple intermediate certificates. In that case, all appropriate intermediate certificates must be installed on the server. Only then will the browser be able to retrace the string of fingerprints and certificates to the root certificate in the browser.
Frequently asked questions
About SSL certificates
- What is a common name?
- What is a private key and what is a public key?
- What is a wildcard certificate?
- What is an intermediate certificate?
- What is a root certificate?
- What is SNI and when do I need it?
- What are cipher suites?
- What is HTTP Strict Transport Security (HSTS)?
- What is OCSP?
- How does file approver work?