root intermediate and entity

var forge = require("node-forge"); /////////ROOT CERT//////////// var rootCert = forge.pki.createCertificate(); rootCert.serialNumber = '01'; rootCert.validity.notBefore = new Date(); rootCert.validity.notAfter = new Date(); rootCert.validity.notAfter.setFullYear(rootCert.validity.notBefore.getFullYear() + 1); var attrs = [{ name: 'commonName', value: 'root' }, { name: 'countryName', value: 'US' }, { shortName: 'ST', value: 'Virginia' }, { name: 'localityName', value: 'Blacksburg' }, { name: 'organizationName', value: 'Test' }, { shortName: 'OU', value: 'Test' }]; rootCert.setSubject(attrs); rootCert.setIssuer(attrs); var rootKeypair = forge.rsa.generateKeyPair({bits: 2048, e: 0x10001}); rootCert.publicKey = rootKeypair.publicKey; rootCert.sign(rootKeypair.privateKey); var rootPem = forge.pki.certificateToPem(rootCert); console.log("/////ROOT PEM",rootPem) /////////ROOT CERT///////////// /////////INTERMEDIATE CERT///// var intermediate = [{ name: 'commonName', value: 'intermediate' }, { name: 'countryName', value: 'US' }, { shortName: 'ST', value: 'Virginia' }, { name: 'localityName', value: 'Blacksburg' }, { name: 'organizationName', value: 'Test' }, { shortName: 'OU', value: 'Test' }]; var intermediateKeypair = forge.rsa.generateKeyPair({bits: 2048, e: 0x10001}); var intermediateCert = forge.pki.createCertificate({ publicKey: intermediateKeypair.publicKey, signingKey: rootKeypair.privateKey, serialNumber: '01', isCA: true }); intermediateCert.setSubject(intermediate); intermediateCert.setIssuer(rootCert.subject.attributes); intermediateCert.publicKey = intermediateKeypair.publicKey; intermediateCert.sign(rootKeypair.privateKey); var intermediatePem = forge.pki.certificateToPem(intermediateCert); console.log("/////INTERMEDIATE PEM",intermediatePem); /////////INTERMEDIATE CERT//// /////////ENTITY CERT ///////// var entity = [{ name: 'commonName', value: 'entity' }, { name: 'countryName', value: 'US' }, { shortName: 'ST', value: 'Virginia' }, { name: 'localityName', value: 'Blacksburg' }, { name: 'organizationName', value: 'Test' }, { shortName: 'OU', value: 'Test' }]; var ed25519 = forge.pki.ed25519; var entityKeypair = ed25519.generateKeyPair(); var entityCert = forge.pki.createCertificate({ publicKey: entityKeypair.publicKey, signingKey: intermediateKeypair.privateKey, serialNumber: '01', isCA: false }); entityCert.setSubject(entity); entityCert.setIssuer(intermediateCert.subject.attributes); entityCert.publicKey = entityKeypair.publicKey; entityCert.sign(intermediateKeypair.privateKey); var entityPem = forge.pki.certificateToPem(entityCert); console.log("/////INTERMEDIATE PEM",entityCert); /////////INTERMEDIATE CERT////