Certificate verification – Brocade Virtual ADX Security Guide (Supporting ADX v03.1.00) User Manual
Page 125
Brocade Virtual ADX Security Guide
113
53-1003250-01
Configuring SSL on a Brocade Virtual ADX
6
Certificate verification
Every certificate has two very important fields: issuer (issued-by) and subject (issued-to). A CA’s
certificate has the same value in both fields, because the authority has issued a certificate to itself.
However, when the authority issues a certificate to a server, the issuer field contains the CA's
name, but the subject contains the server's name.
For example, the following server certificate was issued by Verisign (a CA):
To authenticate this server certificate, the client, for example, Firefox or IE, should have the
corresponding CA's certificate. When you open the trusted root CA page in Internet Explorer, you
can also see that entry has the same value in the issued by (issuer) and issued to (subject) fields.
This is an example of how a server certificate is issued directly by a CA. Note that in this scenario,
the server sends only its own certificate and not that of the CA.
shows a CA certificate.
FIGURE 7
Certificate
Issuer: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
Subject: C=US, ST=California, L=San Jose, O=Brocade Inc, OU=L47 and Security
Group, OU=Terms of use at www.verisign.com/rpa (c)05, CN=l47qa.brocadenet.com