3

I was working with a teammate importing certificates into a java keystore and I noticed our intermediate certificate had the ".L1K" notation, was then about to import into our Java application's keystore and saw there was another 'entrustl1k' certificate in the same keystore. So I wanted to find out what that means.

I found some information on Entrust's site here: https://www.entrustdatacard.com/pages/root-certificates-download that it might indicate it's a 'Non Extended Validation Certificate here: Entrust Certificate Authority ‐ L1K (Non‐EV SSL)'

However just beneath that line there was another "Non-EV SSL" cert download link with the 'L1M' notation. "Entrust Certificate Authority ‐ L1M (EV SSL)"

Flux
  • 33
  • 1
  • 4

1 Answers1

7

It's simply the name of the certificate authority. They could just as well have been called "Entrust Certificate Authority - Foo (Non-EV SSL)" and "Entrust Certificate Authority - Bar (EV SSL)".

I'd guess that L1 stands for "level 1", and they then add on a letter to differentiate between their CAs. But for anyone outside of Entrust, it's just a name.

Jenny D
  • 27,780
  • 21
  • 75
  • 114
  • In the Entrust CPS are quite a few certificates mentioned, it looks indeed that L1 stands for the subordinate certificates and the last letter is the generation (increased over the years) – eckes Jan 15 '19 at 10:25
  • Thank you! I had a hard time finding any documentation on on this, even on Entrust's site. – Flux Jan 15 '19 at 15:33