!!! Overview[1]
[{$pagename}] ([certificate_list] or [Certification path]) is a [Chain of trust] of [Certificates] beginning with a [Subject Certificate] and ending with the [Root Certificate], with [OPTIONAL] [intermediate Certificates] in between, each [Certificate] being [Signed|Digital Signature] relatively to the [Public Key] which is encoded in the previous [Certificate].

Validation of the [{$pagename}] is a critical part within any [Certificate-based Authentication] process.

[{Image src='Certificate Chain/certificate-chain-two.png' caption='Certificate Chain' align=left style='font-size: 120%}]. \\


!! [Browsers] and [{$pagename}]
Some [browsers] may complain about a [certificate] signed by a well-known [Trust Anchor], while other browsers may accept the [certificate] without issues. 


This occurs because the issuing authority has signed the server certificate using an [Intermediate Certificate] that is not present in the base of well-known trusted [Certificate Authority] which is distributed in a particular browser. In this case the authority provides a bundle of chained certificates that should be concatenated to the signed server certificate. The [Site Certificate] must appear before the chained certificates in the combined file:

%%prettify 
{{{
$ cat www.example.com.crt intermediate.crt > www.example.com.chained.crt
}}} /%


!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [SSL Certificate framework 101: How does the browser actually verify the validity of a given server certificate?|https://security.stackexchange.com/questions/56389/ssl-certificate-framework-101-how-does-the-browser-actually-verify-the-validity|target='_blank'] - based on 2015-03-16
* [#2] - [The First Few Milliseconds of an HTTPS Connection|http://www.moserware.com/2009/06/first-few-milliseconds-of-https.html|target='_blank'] - based on 2015-03-16