Y
Hacker News
new
|
ask
|
show
|
jobs
by
digitalPhonix
633 days ago
How? An internal CA is just a self-signed certificate that you’ve told your device to trust; and to trust other certificates signed by it.
Somewhere you still need to trust a self-signed certificate.
1 comments
cpach
633 days ago
You can guard the root certificate better than the leaf certificate. For example, you can keep it offline in an air-gapped environment.
link