IceSSL: Is it possible to avoid installing intermediate CAs on the client side?
When a server is using a certificate that has two or more CAs (for example, one root CA and one intermediate CA), is it possible to get the client side to trust the server certificate while having only the root CA (and not the intermediate CA) installed on the certificate store?
I think this means the server side needs to send the full certificate chain, and not only the leaf certificate,
I know there are configurations available for Apache to do something like that: https://stackoverflow.com/questions/30344893/how-to-force-apache-2-2-to-send-the-full-certificate-chain
Our goal is to make the client configuration simpler, meaning only one CA (the root one) would need to be installed on the client side even if the server is using a certificate signed by multiple CAs.