Most private and public CAs sign certificate requests with an Intermediate Certificate Authority. See example below of a certificate signed by Thawte: Sometimes you will have to add such a signed certificate on a server or appliance on which you are unable to import the Intermediate Certificate Authority certificate.

cryptography - What is an intermediate certificate

Any CA can be an "intermediate CA". Because "being intermediate" is defined by how the verifier sees it. When you validate a certificate, you verify the signature which has been generated over that certificate by the CA which emitted the certificate. This signature is verified against the CA public key.

How to import CA certificates | Documentation

If not present, the primary root and intermediate CA certificates are downloaded during the installation process using Microsoft's automatic root update mechanism, which requires an Internet connection. For more information about the Windows Root Certificate Program,

What is an intermediate certificate?

Intermediate certificates are used as a stand-in for our root certificate. We use intermediate certificates as a proxy because we must keep our root certificate behind numerous layers of security, ensuring its keys are absolutely inaccessible.

Why do I need to add intermediate CA certificates to JVM's

The intermediate certificate was in Windows' certificate store. I have removed the intermediate certificate from Windows' certificate store and the browser was still able to access it. This means that the browser somehow "cached" the intermediate certificate.

to find the issuing CA certificate, provided it is a URI of type ldap, http, or ftp.