Any new SSL (Secure Sockets Layer) Certificates issued by GeoTrust will require installing a new intermediate SSL certificate called “RapidSSL Intermediate CA” along with the standard SSL certificate. GeoTrust has enhanced its security by upgrading to a more robust 2048-bit RSA key for its root certificates. As a result, this will ensure continued compatibility with web browsers.
Table of Contents
What are Intermediate SSL Certificates?
Intermediate SSL certificates are crucial for establishing a chain of trust that verifies your website’s authenticity and security.
SSL Certificates, also called TSL Certificates, are issued in a hierarchical structure. The Root Certificate Authority (CA) is at the top, followed by Intermediate CAs, and finally, the SSL installed on a web server. When a web browser connects to a site, it verifies the certificate chain. If any link in the chain is missing, the trust is broken.
Installing an Intermediate SSL Certificate ensures the complete chain is available, allowing browsers to validate the SSL installed on the server.
Without the intermediate certificate, browsers may show SSL Certificate errors, warning users that a website is untrustworthy. For example, “NET::ERR_CERT_AUTHORITY_INVALID” may appear when the intermediate certificate is missing.
These errors can also include messages like “Not Secure” or “Your Connection Is Not Private”. The padlock icon indicates that a valid SSL on the website may also not appear.
The process is as follows:
- A Root SSL Certificate is pre-installed in web browsers.
- An Intermediate SSL Certificate, signed by the Root CA, verifies your SSL.
- The SSL Certificate installed on your website then encrypts data during transfer.

Additional Information
SSL Certificates vs Intermediate SSL Certificates
Intermediate SSL Certificates are an essential part of the overall SSL infrastructure, which serves a specific purpose.
SSLs are the certificates that encrypt data between your website and visitors. They contain information about your domain name and are signed by a Certificate Authority (CA). The Intermediate Certificate, signed by the Root Certificate, verifies the authenticity of the SSL you use on your website. Intermediates are added to web servers along with the certificate for the domain.
Intermediate SSL Certificates are a bridge between the main SSL and a highly trusted Root Certificate; these are added to a server along with the SSL issued for your domain.
Root Certificates
A Root Certificate is a public key certificate that identifies a Root CA. It is self-signed, meaning it validates itself without relying on other certificates.
Root Certificates are pre-installed in most browsers. They are required because Root CAs don’t directly sign SSLs installed on websites for security reasons. Root CAs are closely guarded due to their critical role in the web’s PKI (Public Key Infrastructure). By delegating signing duties to Intermediate Certificates, CAs can limit the damage if a security breach occurs.
Also, revoking a compromised intermediate certificate impacts a smaller pool of certificates compared to revoking a Root CA certificate, which would disrupt many websites.
In short, both certificates are essential for a secure connection. An SSL encrypts data, while the Intermediate Certificate ensures that encryption is valid and trustworthy.