2
If i buy a certificate from Godaddy or a trusted certificate authority for my website. let's say example.com and i want to issue client certificates so i can validate certificates of clients connecting to my website. Can I use the certificate I bought to issue client certificates? So the clients can always verify their certificate against a trusted certificate authority and at the same time I ensure that only these clients I choose are the ones who can connect to my site?
I think you're confused about giving away certificates. Certificates are public information (they have the public key embedded) so there is no security risk in giving away your certificates. What you should never do is give away your private key. Give the Root CA certificate to your clients and they can verify your certificate, but that's all they can do. Give them both the certificate and private key and you're in trouble :-) – garethTheRed – 2019-11-05T15:50:16.987