I am attempting to establish an internal CA within my company. One of the primary purposes of doing this is to issue certificates to our customers, which they will use to establish TLS connections between our client and server applications (both Windows OS-based). I am currently working under the following constraints:

  • A server certificate will be issued to each of our server customers, and should be installed on the customer's server such that our Server Application can use it to establish TLS sessions.
  • A trusted root certificate for our CA will be packaged with our Client Application, and should be installed silently along with the application in such a way that the Client Application can use it to verify the server certificate. (The installer is assumed to have administrative access on the client machine.)
  • The trusted root certificate should be available to any user of the Client Application on the client machine, and should not require a password from the user to access.
  • I hesitate to place the trusted root certificate in the "Trusted Root Certification Authorities" section of the Local Machine certificate store, because it could then be used in a larger scope than simply authenticating our application (to authenticate web pages for IE, for example.) In the event that our root certificate is compromised, I would rather limit the damage to our own application.

Where and how should I be installing the server certificate and the trusted root certificate on the server and client machines (again, both using a Windows OS) such that these constraints are met?

Will Shipley

1 Answer

The Common Application Data folder is an appropriate location for both the CA certificate and the server certificate (not the server private key, though!)

The 'how' of installation depends on the packaging and distribution method. For WiX, you'd use something like:

<Directory Id="CommonAppDataFolder" Name="ComApptDt">
    <Directory Id="ProductAppData" Name="ProductName">
        <!-- add reference to the appropriate certificate here -->
        <!-- Guid="*" lets WiX derive a stable component GUID from the key file's path;
             the Source value is a placeholder for the CA certificate in your build tree -->
        <Component Id="CaCertificate" Guid="*">
            <File Id="CaCertFile" Source="PATH-TO-CA-CERT.cer" KeyPath="yes" />
        </Component>
    </Directory>
</Directory>

Determining the location of the Common AppData folder in code depends on the programming language and framework. .NET has the Environment.SpecialFolders enumeration. For native C++, How do I get the application data path in Windows using C++? is a good place to start.

cqcallaw
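The following is an added example, not code from the question or the answer above, that ties the two halves of the thread together for a .NET 7+ Windows client and server: the client locates the private CA certificate in the Common Application Data folder (as the answer suggests) and validates the server certificate against that root only, using X509ChainTrustMode.CustomRootTrust, so the root is never added to the machine's "Trusted Root Certification Authorities" store and a compromise of the CA cannot be leveraged against browsers or other applications on the client (the question's fourth constraint). The server keeps its certificate and private key in the LocalMachine personal store rather than in Common AppData. The folder name "ProductName", the file name "ca-root.cer", the configuration thumbprint and the port are assumptions for illustration.

```csharp
// Added example (not from the original post): application-scoped trust in a private CA.
// Assumptions (hypothetical): the installer placed the CA certificate at
//   %ProgramData%\ProductName\ca-root.cer   (Common Application Data, public cert only),
// and the server certificate with its private key is in LocalMachine\My, selected by a
// thumbprint read from configuration. Targets .NET 7 or later (MatchesHostname).
using System;
using System.IO;
using System.Net;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Cryptography.X509Certificates;
using System.Threading.Tasks;

public static class AppScopedTls
{
    private const string ProductFolder = "ProductName";   // hypothetical installer folder
    private const string CaFileName = "ca-root.cer";      // hypothetical file name

    // Every user on the machine can read Common AppData, and no password is needed,
    // which satisfies the "available to any user" constraint without touching a cert store.
    public static X509Certificate2 LoadPrivateRoot()
    {
        string path = Path.Combine(
            Environment.GetFolderPath(Environment.SpecialFolder.CommonApplicationData),
            ProductFolder, CaFileName);
        return new X509Certificate2(path);   // public certificate only; never ship the CA key
    }

    // Build the server's chain with ONLY our private root as a trust anchor. The default
    // (machine store based) verdict passed to the callback is deliberately ignored.
    public static bool ValidateAgainstPrivateRoot(
        X509Certificate2 root, X509Certificate2 serverCert,
        X509Certificate2Collection intermediates, string expectedHost)
    {
        using var chain = new X509Chain();
        chain.ChainPolicy.TrustMode = X509ChainTrustMode.CustomRootTrust;
        chain.ChainPolicy.CustomTrustStore.Add(root);
        if (intermediates != null) chain.ChainPolicy.ExtraStore.AddRange(intermediates);
        // A private CA usually has no reachable CRL/OCSP; switch to Online if you publish one.
        chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;

        bool chainOk = chain.Build(serverCert);
        bool nameOk = serverCert.MatchesHostname(expectedHost);   // SAN / CN check
        return chainOk && nameOk;
    }

    // Client side: TLS to the customer's server, trusting nothing but our own root.
    public static async Task<SslStream> ConnectAsync(string host, int port)
    {
        X509Certificate2 root = LoadPrivateRoot();
        var tcp = new TcpClient();
        await tcp.ConnectAsync(host, port);

        var ssl = new SslStream(tcp.GetStream(), leaveInnerStreamOpen: false,
            (sender, cert, chain, errors) =>
            {
                if (cert == null) return false;
                // Hand any intermediates the server sent to our own chain builder.
                var extras = new X509Certificate2Collection();
                if (chain != null)
                    foreach (X509ChainElement el in chain.ChainElements) extras.Add(el.Certificate);
                return ValidateAgainstPrivateRoot(root, new X509Certificate2(cert), extras, host);
            });
        await ssl.AuthenticateAsClientAsync(host);
        return ssl;
    }

    // Server side: the certificate AND private key stay in the LocalMachine personal store,
    // protected by the key's ACL, not in a world-readable Common AppData file.
    public static X509Certificate2 LoadServerCertificate(string thumbprint)
    {
        using var store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
        store.Open(OpenFlags.ReadOnly);
        X509Certificate2Collection found =
            store.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, validOnly: false);
        if (found.Count == 0)
            throw new InvalidOperationException("Server certificate not found in LocalMachine\\My");
        return found[0];
    }

    // Accept one client and complete the TLS handshake with the stored server certificate.
    public static async Task ServeOnceAsync(int port, string thumbprint)
    {
        X509Certificate2 cert = LoadServerCertificate(thumbprint);
        var listener = new TcpListener(IPAddress.Any, port);
        listener.Start();
        using TcpClient client = await listener.AcceptTcpClientAsync();
        using var ssl = new SslStream(client.GetStream(), leaveInnerStreamOpen: false);
        await ssl.AuthenticateAsServerAsync(cert, clientCertificateRequired: false,
            checkCertificateRevocation: false);
        // ... application protocol over 'ssl' ...
        listener.Stop();
    }
}
```

Because the callback replaces the default verdict, the machine's Trusted Root store plays no part in the decision: a certificate chaining to a public CA is rejected, and a certificate issued by the private CA is accepted only by this application. Keep the revocation setting in mind: with NoCheck, a compromised server certificate stays valid until it expires unless the client is updated, so if the CA publishes a CRL, switch RevocationMode to Online or Offline and distribute the CRL alongside the root.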