• GoDaddy Community
  • VPS & Dedicated Servers
  • VPS & Dedicated Servers

    cancel
    Showing results for 
    Show  only  | Search instead for 
    Did you mean: 
    New

    purchasing an "intermediate" CA certificate

    Hi,

    I am working in a startup company in the data security area.

    Our product has a central management server (web application), which is used amongst other things to receive connections from devices in the network.

    Each customer which buys the product gets his own management server.

    The traffic to the server is done over SSL (https).

     

    So - we're currently generating a different CA certificate to every such web server and add it as a trusted CA to all the devices which connect to the server.

     

    The problem is - when you connect to the server using a web browser, you get a warning saying that the certificate used by the server is not secured.

     

    What we would like to do is to buy an "intermediate" CA certificate from GoDaddy and use it to sign all the different web server certificates (of our customers) so that browsing them would not trigger the warning.

     

    We couldn't understand if this is somehow possible to purchase such a certificate and use it to sign other certificates.

     

    Thanks

    2 REPLIES 2
    Moderator

    Hi @dan2, thanks for posting.

    GoDaddy doesn't offer a certificate or service that can be used to sign other certificates.

    Depending on the server/configuration you are using, you may be able to use a single UCC (different but related domains) or Wildcard (multiple subdomains) SSL instead of using individual SSLs for each server. Otherwise, you would need an SSL for each distinct domain used.

    ^Gary

    Gary - GoDaddy | Community Moderator
    24/7 Support | Check System Status
    Helper V

    @dan2 Another option is to create your own Certificate Authority. Then use your CA to create SSL Certs for the devices. The cert you create are not self signed and would only require you to add your CA cert to all devices that need to connect to the servers. any device that connects securely to your servers will see the cert has a valid chain of trust and as long as the device trust the CA Cert then no error is generated. and new device that wants to connect would only require the CA Cert to be installed/trusted.