Mac OS X 10.5 Help

About certificate authorities

A certificate authority (CA) is a digital identity that signs certificates and makes them valid electronic documents. Several levels of certificates are issued, forming what is called a “certificate chain.” For a certificate to be valid, the CA that signed it must be valid, and so on down the chain. The last item on the certificate chain is known as the leaf. The validity of certificates in a chain is automatically determined by Mac OS X when it evaluates a certificate.

Here is an example of the levels of the certificate chain:

Root certificate: The certificate of the root certificate authority. It is self-signed, meaning the signature on the root certificate was created by the root certification authority itself.

Intermediate certificate: Signed by the root certificate authority. The root certification authority creates its own certificate and then creates a certificate for the intermediate certification authority.

User certificate: Signed by the intermediate certificate. The intermediate certification authority creates the certificate for the user. Since it is the end of the chain, it is considered the leaf.

You can view and evaluate the validity of a certificate chain using the Certificate Assistant in Keychain Access.
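The three-level chain described above can be evaluated with a short script. This is an added example, not part of the original help page or Apple's code: it uses textbook RSA with small known primes as a stand-in for real certificate signatures. The `Cert` fields, the sample names and the `trusted_roots` list are assumptions made for illustration.

```python
import hashlib
from dataclasses import dataclass

E = 65537  # public exponent shared by all toy keys

@dataclass
class Cert:
    subject: str
    issuer: str
    n: int        # subject's public modulus
    sig: int = 0  # issuer's signature over tbs()

    def tbs(self):  # the "to be signed" bytes: every field except the signature
        return f"{self.subject}|{self.issuer}|{self.n}".encode()

def keygen(p, q):  # toy RSA key: (public modulus, private exponent)
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def issue(subject, subject_n, issuer, issuer_key):  # issuer signs subject's cert
    n, d = issuer_key
    cert = Cert(subject, issuer, subject_n)
    cert.sig = pow(digest(cert.tbs(), n), d, n)
    return cert

def signed_by(cert, issuer):
    return (cert.issuer == issuer.subject and
            pow(cert.sig, E, issuer.n) == digest(cert.tbs(), issuer.n))

def evaluate(chain, trusted_roots):
    """chain runs leaf -> intermediate(s) -> root. Returns (valid, reason)."""
    for cert, issuer in zip(chain, chain[1:]):
        if not signed_by(cert, issuer):
            return False, f"{cert.subject} is not signed by {issuer.subject}"
    root = chain[-1]
    if not signed_by(root, root):
        return False, f"{root.subject} is not self-signed"
    if root not in trusted_roots:  # assumption: caller supplies the trust anchors
        return False, f"{root.subject} is not a trusted root"
    return True, "ok"

# Constructed sample chain; Mersenne primes keep the toy keys short to write.
ROOT_KEY = keygen(2**61 - 1, 2**89 - 1)
INTER_KEY = keygen(2**107 - 1, 2**127 - 1)
ROOT = issue("Example Root CA", ROOT_KEY[0], "Example Root CA", ROOT_KEY)
INTER = issue("Example Intermediate CA", INTER_KEY[0], "Example Root CA", ROOT_KEY)
LEAF = issue("user@example.com", (2**19 - 1) * (2**31 - 1),
             "Example Intermediate CA", INTER_KEY)
```

Calling `evaluate([LEAF, INTER, ROOT], [ROOT])` accepts the chain, while omitting the intermediate or altering any signed field of the leaf makes evaluation fail at the first broken link.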
