OPC Foundation
  • Documents
  • NodeSets
  • Search
6.2.4 Issuer (CA) Certificates

An Issueror CA Certificateis an X.509 v3 Certificatethat identifies an authority that issues Certificates. An Issuer Certificatemay identify a root CA or an intermediate CA. Certificatesthat identify root CAs are self-signed Certificates. Certificatesthat identify intermediate CAs are issued by authority identified by an intermediate CA or root CA.

The X.509 v3 fields in Issuer Certificateswith specific requirements are shown in Table 45.

Table 45– Issuer Certificate

Field

Description

subject

The distinguished name of for the authority.

The Common Name attribute shall be specified.

The Organization should be provided.

Other attributes may be specified.

The subject field is completely described in RFC 5280.

authorityKeyIdentifier

Provides more information about the key used to sign the Certificate. It shall be specified.

basicConstraints

The basicConstraintsfieldis completely described in RFC 5280.

The cAflag Identifies whether the subject of the Certificateis a CA The pathLengthspecifies the maximum depth of valid chains that include this Certificate.

The cAflag shall be TRUE for CA Certificates.

Please report errors or issues with the site to webmaster.

Copyright © 2023 - OPC Foundation