The key difference between a publicly trusted and private certificate authority is that all computers and browsers trust publicly trusted Certificate Authorities while private CAs will have to be explicitly added by the IT administrator.
In cryptography a certificate authority or certification authority (CA) is an entity that issues digital certificates. A digital certificate certifies the ownership of a public key by the named subject of the certificate.
The two tier hierarchy has two CA types Root CA and Issuing/Subordinate CA. This article explains what is the difference between a root CA and an Issuing CA.
This guide provides a step-by-step process for renewing/rotating a private Certificate Authority (CA) without causing any outages or certificate issues in your organization.
When deciding the lifetime of your certificates, the selected key size and cryptographic algorithm have an effect on how long the certificate will be safe.
When designing the validity period of a Certificate Authority (CA), many factors have to be taken into consideration Lifetime of the parent CA, desired lifetime for issued certificates, key algorithm used, and security of the private key.