Cross-certificates are used to establish trust between separate certification hierarchies, such as in separate networks or portions of a network. In these cases, cross-certificates are typically configured to:

  • Define the namespaces for which certificates issued in one certification hierarchy can be used and accepted in the second hierarchy.

  • Specify the acceptable uses of certificates issued by a cross-certified certification authority (CA).

  • Define the issuance practices that must be followed for a certificate issued by the cross-certified CA in order for them to be considered valid in the other hierarchy.

  • Create a managed trust between separate certification hierarchies.

The Cross-Certificates tab can be used to add cross-certificate download locations.

When cross-certificates are used, the information on the Cross-Certificates tab describes which of these types of restrictions, if any, have been applied.

Cross-certificates can be used in both intranet and extranet environments.

Additional references

Table Of Contents