Home > Net >  how does an SSL certificate chain bundle arranged?
how does an SSL certificate chain bundle arranged?

Time:05-03

I have 4 certificate files like this:

1.certum_certificate.crt
2.certum_certificate.pem
3.Intermediate_CA2.cer
4.Intermediate_CA.cer
5.Root_CA.cer

I put these files content by this order in a bundle file and i figured out that my SSL chain is incomplete. how should i arrange them in bundle file?

CodePudding user response:

Just concatenate the three parts into a single file like this (fullchain.pem) :

-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISA/UUyBjJ71fucZuvpiLsdfsfsdfsdfd
...
hoFWWJt3/SeBKn ci03RRvZsdfdsfsdfw=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIFFjCCAv6gAwIBAgIRAJErCErPDBinsdfsfsdfsdfdsfsdfsd
....
nLRbwHqsdqD7hHwg==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIFYDCCBsdfSDFSDFVSDVzfsdffvqdsfgsT664ScbvsfGDGSDV
...
Dfvp7OOGAN6dEOM4 SDFSDZET DFGDFQSD45Bddfghqsqf6Bsff
-----END CERTIFICATE-----

The order must be backwards. The sender's certificate must come first in the list. Each following certificate must directly certify the one preceding it :

Original issuer —> Intermediate issuer 1 —> Final Root issuer which is a root certificate authority and can be trusted.

It's possible to have several intermediates : ...—> Intermediate issuer 1 —> Intermediate issuer 2 —>...

Page link:https//www.codepudding.com/net/393181.html

Prev:how to resolve nginx 502 bad-gateway error
Next:Doest non-generic members in different generic types are same or not
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding