I have a certificate for my web service issued with Let’s Encrypt.
Another service that communicates with my web service requires that my certificate must be signed with theirs, otherwise their client will abort the connection attempt.
- is it possible for them to “add” their signature to my certificate? Would the answer be different with other issuer than Let’s Encrypt?
- Does this process require me to share with them any secret values (like private key)?
Their certificate is self-signed and I suppose it is without Basic constraints (I think it matters here, but I am not an expert, hence the question…).
I understand the inconvenience that it will have to be done every 3 months, but nonetheless, question remains valid.