Intermediate CA

The intermediate CA is the middle-man between the root and server certificates. The intermediate CA certificates are either signed by the root CA, or by another intermediate CA certificate signed by a root CA. The intermediate certificate, in turn, signs the server certificate. There is often one, or more, intermediate CA certificate in a chain. For the server certificate to be compatible with all its clients, the intermediate certificate has to be installed on the server. If not, it might prevent some browsers, mobile devices, applications, etc. from trusting the server certificate.