So I've been noticing a kind of weird issue of late, not sure how long it's been going on. We currently have an Enterprise PKI environment with a an offline Root and Policy CA and an online Issuing. Running on Server 2008R2 currently. Anyways, the weird thing is best explained by a screenshot.
As you can see, the Cert for Twitter shows as being issued by our internal PKI. If I look at the chain, it shows our CA's in the chain validating it. Is this normal? Or is something wonky going on here? Are these certs being validated correctly?