For use with TLS, I have a CA-issued certificate for *.mycompany.com (cert1). Understandably, I do not want to distribute the private key very widely. What I'd like to do is this:
- Create another certificate for everyday use for *.mycompany.com (cert2) and sign it with the private key from cert1.
- Put cert1 on a memory stick in a safe and destroy any other copies of its private key.
- Create a certificate for blog.mycompany.com and sign it with cert2.
- Create a certificate for bank.mycompany.com and sign it with cert2.
I think the motivation behind this is pretty clear: I don't want the people running the WordPress server at blog.mycompany.com (as diligent as they might be) to be able to impersonate bank.mycompany.com, or for a breach of blog.mycompany.com to affect bank.mycompany.com. I also want to be able to rotate cert2 (have cert3, cert4, etc., signed with cert1 over time) to mitigate the blast radius of a breach of cert2 -- and to be able to immediately revoke cert2 and issue new keys based on cert3 if such a breach is discovered. And I want to do this without having to go to a CA every time.
Basically, I want to create my own little PKI, with a CA-issued certificate as its root. I only want to sign certs for domains that are children of my domain. And this is for public use - I can't add trusted certificates to clients. I will obviously include the entire certificate chain for TLS.
Is this possible?