How to configure the chain of SSL certificates and why it is necessary
What is a chain of certificates
As a rule, a single certificate is sufficient to encrypt the information sent between the visitor's browser and the server. However, some resources require greater reliability and multi-level protection. For example, a banking resource involves large financial transactions. In this case, an SSL certificate is required, which contains not only the certificate for the domain but the certificate chain (CA Bundle).
The SSL certificate chain includes certificates of guarantors confirming the validity of the document as a whole. The CA Bundle structure is as follows:
How to set up an SSL certificate chain
Create a text document
The text file with the certificate chain should be saved as domain.ca-bundle.
Use the command line
Errors in setting up the certificate chain
The server certificate chain is incomplete
You can check the chain settings using online services. For example, SSL Shopper or SSL Checker.
Failed to validate the certificate chain
Setting up a chain and checking the correctness of its operation will expand the possibilities of using a web resource in various applications. Special online services will help you quickly identify errors in the chain.
|Run Site Audit|
Learn how to get the most out of Serpstat
Want to get a personal demo, trial period or bunch of successful use cases?
Send a request and our expert will contact you ;)
Cases, lifehacks, researches and useful articles
Don’t you have time to follow the news? No worries!
Our editor Stacy will choose articles that will definitely help you with your work. Join our cozy community :)