What is an ICA SSL Certificate?

ICA SSL certificates or Intermediate Certificate Authorities (ICAs) are digital certificates that help route your website’s SSL certificate to the root CA certificate that will help browsers and external web applications trust your online identity. 

Understanding Some Important Terminologies 

What is a Certificate Authority?

A certificate authority is an entity that issues security certificates for websites and other servers. These certificates allow people to verify that they are connecting to the correct website or server.  CAs are also responsible for revoking certificates when they expire or if hackers compromise them. Certificates are often used to verify that you are who you say you are when using digital services, such as banking or shopping online. They can also be used to confirm that a website is legitimate and that it hasn’t been hacked by criminals.

Most people don’t realize how many certificates they encounter every day. For example, if your bank uses a secure connection called Secure Socket Layer (SSL), then it uses a certificate issued by a CA (certificate authority). This CA confirms that the bank’s website is legitimate and hasn’t been tampered with by hackers or other parties who might try to steal your personal information.

What is a Trusted Root Certificate?

When you visit a website that has an SSL certificate, your browser will check its authenticity. This helps you know that the site can be trusted and that no one else is impersonating it. The browser will do this by comparing the information on the certificate with what’s stored in its own database of trusted root certificates. If everything checks out, then you know that everything is working as it should be.

If something goes wrong with a trusted root certificate and you don’t notice right away, it could cause problems later on down the road! A lot of websites use these certificates—even ones where there are no security issues involved—so don’t worry if you don’t see anything unusual at first glance!

Who issues it?

There are two main types of trusted root certificates: those that are issued by a CA (Certificate Authority) and those that are self-signed. CA-issued trusted roots are typically used by larger organizations because they’re easier to manage than self-signed ones.

What is a Server Certificate?

A server certificate is a digital document that establishes the authenticity of a website. It’s issued by a trusted third party, which confirms that the site is who it says it is and can be trusted by visitors by appending the server machine name or the domain name to the digital file. 

Server certificates can be used for a number of different purposes:

  • They’re used to prevent cyber eavesdropping on websites without the host’s consent 
  • They’re often used by websites to make sure that you are on their page and not some other site pretending to be theirs.
  • They are used to establish a sense of trust among your site and visitors interacting with it, ensuring that their actions are protected against any third-party intrusions

What is the need for ICA SSL Certificates?

An ICA (Intermediate Certificate Authority) certificate is a digital certificate that binds your site’s root certificate to the server certificate. It verifies the authenticity of your organization and ensures that sensitive information is protected, enabling your visitors to trust your website.

How to install/enable an ICA SSL Certificate?

You can download your intermediate certificates from the designated section on your certificate authority’s website to the desktop of your web server machine. 

Right-click on the downloaded file and select import to run the file. Follow the steps to successfully install the ICA certificate. Repeat the steps until you have imported all ICA certificates that have been sent to your by your CA. 


Note: Before installing the intermediate certificates make sure you have installed your root SSL certificate and the respective certificates appear under Intermediate Certification Authorities. After installation, restart your server to complete the process.

How to protect your emails?

While SSL certificates help you protect your website against unauthorized use, you can protect your email domain against impersonation with DMARC: an email authentication protocol that helps you take action against emails that come from illegitimate sources impersonating your domain name. 

Starting your journey towards DMARC enforcement with PowerDMARC to take full control of your domain, gain visibility on your email channels at the fastest market speed and shift to enforcement safely! 

Latest posts by Ahona Rudra (see all)