If the remote host is usually a public host in generation, any split while in the chain can make it more challenging for buyers to verify the authenticity and id of the internet server. This could enable it to be simpler to perform guy-in-the-Center assaults from the distant host. From https://www.hostscheap.com/ssl-certificates
