My dedicated server host provides free SSL certs and I have a few built up at my domain registrar too, so I’ve been securing everything I can with an SSL cert. Why? Why not?

Anyway…. most things that support SSL outside of web servers don’t have an entry for certificate chains. Documentation on how to work with these chains is basically non existent. Well here’s some documentation.

When you get cheap certs, you most likely get 2 files: One with a .crt and one with a .ca-bundle.
This is useless unless the product you’re using it on supports certificate chains. So what do you do? You stack the certs yourself.

Open a new file. Take the contents of the .crt file and paste it in.
Now take the contents of the .ca-bundle file and paste that directly below.

Your file should now contain a bunch of
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----

with a bunch of random crap in between. It’s not actually random crap, but it’s easier than describing what it actually is.

MAKE SURE!!! that your .crt contents is on top of the .ca-bundle contents.
I had it backwards and was fighting with it until I tried swapping it.

© 2012 The Mind of DH Suffusion theme by Sayontan Sinha