Skip to content

Commit

Permalink
Document issuance from Root CAs (#264)
Browse files Browse the repository at this point in the history 
Fixes #247
  • Loading branch information
@aarongable
aarongable authored Jan 15, 2025
1 parent fc17e8c commit 2139057
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions CP-CPS.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -313,6 +313,8 @@ No stipulation.

At a high level, the following steps are taken during issuance of a Subscriber Certificate. ISRG's automated processes confirm that all requested names have been properly validated to be controlled by the Subscriber requesting the certificate. The to-be-signed certificate is linted, then signed by a Subordinate CA in an HSM. After issuance is complete, the certificate is stored in a database and made available to the Subscriber.

All issuance from ISRG Root CAs requires direct action from a person acting in an appropriate Trusted Role as described in Section 5.2.1.

### 4.3.2 Notification to subscriber by the CA of issuance of certificate

Subscriber Certificates are made available to Subscribers via the ACME protocol as soon after issuance as reasonably possible. Typically this happens within a few seconds.
Expand Down

0 comments on commit 2139057

Please sign in to comment.