Some notes so maybe I don’t forget how SSL certs work again:
- certificates are arranged in a chain from CA down
- the CA cert is special only because it is at the top of the chain
- you need to use the higher level cert to create lower level ones if you want them in the chain
- if you don’t need a separate authority, you can just use a self signed cert as the trusted root certificate (synonymous with CA?)
This was a good resource, except for the fact that the certificate size is too small (1024); this needs to be bumped up.