I finished an interesting document with the following requirements:
The CallBridge and WebBridge services are running in the same node.
- The CallBridge service should use the CA-1 Server to sign the CallBridge certificate called CALLBRIDGE.cer.
- The WebBridge service should use the CA-2 Server to sign the WebBridge certificate called WEBBRIDGE.cer.
- The CallBridge must use the subordinate CA generated from CA-1 Server.
- The WebBridge must use the subordinate CA generated from CA-2 Server.
- Create a Bundle CA Called CB-Bundle.cer for CallBridge service using the Subordinate CA and Root certificate of CA-1 server.
- Create a Bundle CA called WB-C2W-Bundle.cer for WebBridge service using the Subordinate CA and Root certificate of CA-2 server.
- Create a certificate chain called WEBBRIDGE-CHAIN.cer for WebBridge3 using the previous subordinate CA, the Root certificate of CA-2 server and the WebBridge certificae.
- Make sure that the CallBridge service will trust only the WebBridge certificate chain signed by only the certificate WB-C2W-Bundle.cer.
- Make sure that the WebBridge service will trust only the CallBridge's certificate signed by onlt the certificate CB-Bundle.cer.