By default, Root & Intermediate Certificates generated for Certificate Manager come with a standard path length of 1 and signature algorithm of ECDSA-SHA256 (among other settings). Some organizations may require a different algorithm (such as RSA) or may want to manage a custom certificate authority hierarchy.

We currently don’t allow users to configure these settings directly, but we can absolutely configure this for you. These settings cannot be changed for an existing authority, so we will have to create a new authority for you.

Create a support ticket to begin this conversation. When making this request, please include the following information:

  • Path Length (CA depth from the root → intermediate_1 → intermediate_n → leaf certificates)
  • Signature Algorithm
  • Root and Intermediate Lifetime