For testing purposes I want to test cross-signing certificates for Windows driver signing. I understand the general concept: Two root CAs, one root CA cross-signs the other root CA’s public key.
However, I couldn’t find any information on how to cross-sign the root CA’s public key exactly. When I simply sign the public key with the cross-certificate in OpenSSL, the cross-certificate is presented as the root certificate. Should it be like that? If not, does anybody what commands can be used to cross-sign a root CA’s public key?