Cross-certificates are used to establish trust between separate certification hierarchies, such as in separate networks or portions of a network. In these cases, cross-certificates are typically configured to:
- Define the namespaces for which certificates
issued in one certification hierarchy can be used and accepted in
the second hierarchy.
- Specify the acceptable uses of certificates
issued by a cross-certified certification authority (CA).
- Define the issuance practices that must be
followed for a certificate issued by the cross-certified CA in
order for them to be considered valid in the other hierarchy.
- Create a managed trust between separate
certification hierarchies.
The Cross-Certificates tab can be used to add cross-certificate download locations.
When cross-certificates are used, the information on the Cross-Certificates tab describes which of these types of restrictions, if any, have been applied.
Cross-certificates can be used in both intranet and extranet environments.
Additional references