hosting a local CA using commercial certifcate chaining

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Hello everybody,

I have a question regarding hosting my own Certification Authority in
my company. The scenario is:

We have multiple hosts serving different stuff in the company. We have
to purchase/re-new certificates from commercial CAs which cost huge
amount of money. I want to (and theoretically its possible to) get
just one signed certificate from commercial CA and then sign
subsequent certificates ourselves. My hunt for information on such
setups only resulted in people advising personal CAs for non-public
use. I want to know if anyone of you is using/has setup such setup,
please share your experience with me.

Also, I am wondering would I have to get a special certificate (a CA
certificate) for hosting a CA or a normal one would do?


Site Timeline