Certificate Auth. Cross Ceertificates

Brian 1 Reputation point
2021-02-03T20:40:26.42+00:00

We seem to be having issues with our certificates. I have found a bunch of Cross Certificates out there and not even sure how they got there. We only have one domain, one PKI so how do I stop them from getting created and or can I just delete them? Not finding much from google so any help would be appreciated.

Windows for business | Windows Server | Devices and deployment | Configure application groups
{count} votes

1 answer

Sort by: Most helpful
  1. Anonymous
    2021-02-04T02:37:21.213+00:00

    Hello,

    Thank you so much for posting here.

    A cross-certificate is a digital certificate issued by one Certificate Authority (CA) that is used to sign the public key for the root certificate of another Certificate Authority. Cross-certificates provide a means to create a chain of trust from a single, trusted, root CA to multiple other CAs.

    I have checked that there are also some cross certificates in my environment.

    63805-1.png

    For more information, we could refer to:
    https://learn.microsoft.com/en-us/windows/win32/seccertenroll/about-cross-certification

    https://learn.microsoft.com/en-us/windows-hardware/drivers/install/cross-certificates-for-kernel-mode-code-signing

    Best regards,
    Hannah Xiong

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.