Can a Certificate Authority run a service similar to AutoSSL?
A Certificate Authority (CA) would have difficulty creating a completely automated system to vet certificate information without recreating the entire AutoSSL infrastructure: When a CA receives a certificate signing request, it must verify that the sender of the request has both legal control over the domain represented and the authority to make that request. (For example, not all Amazon.com employees are authorized to create an amazon.com SSL certificate.) This means that the process of signing a certificate stops while the CA vets this information, either by telephone, e-mail, requesting supporting documentation, or another method that requires user interaction. Since the user must do something in the middle of the process, it cannot be completely automated. In contrast, AutoSSL was designed explicitly to automate the process of creating and signing certificates. AutoSSL does not require human interaction for vetting since a trusted source created the certificates. Removing this vett
Related Questions
- If a domestic entity is terminated, cancelled, or dissolved or a foreign entity’s certificate of authority or registration is revoked, is there a deadline for reinstatement?
- Where do I get the application for a Certificate of Authority to Install, Maintain or Service Boilers?
- How often is a Personnel Employment Service required to renew its certificate of authority?
