Combining Multiple Intermediate Certificates

Due to the limitations on select browsers and mobile devices, Certificate Authorities often do not have their Intermediate Certificates deployed for various reasons such as size limitations. Without these Intermediate Certificates being either installed on their device(s) or exchanged with the end-user via the SSL Handshake, the connection on such devices can be deemed “Untrusted”.

To combat such issues as highlighted above, web masters are encouraged to install the Intermediate Certificates provided by the Certificate Authority during the SSL Installation process on the servers they wish to have connections handled.

Seems simple right? Well there’s issue that can occur however, which is that Certificate Authorities often require multiple Intermediate Certificates to be installed but the server might only have the ability to support one Intermediate Certificate entry. To combat this, the web master would need to “combine” the Intermediates provided into one single “.CRT” often referred to as the “CABundle”.

What You’ll Need

1. Your certificate files

Depending upon the Certificate Authority the Intermediates delivered can be different than what is showcased below, but the application should be similar if not the same if you have purchased from Comodo.

Within the “.zip” download provided by the Certificate Authority, you will find a list of all the files necessary to install the SSL Certificate minus the Private Key. In this instance you will find we have:

  • AddTrustExternalCARoot.crt
  • COMODORSAAddTrustCA.crt
  • COMODORSADomainValidaitonSecureServerCA.crt

Your certificate files

The bold highlights signify the Intermediate Certificates that we need to combine into one single “.crt” file.


1. Open the 1st Intermediate File

Right click the COMODORSADomainValidaitonSecureServerCA.crt and elect to open this certificate with a Word Processor application (i.e. Notepad / Text Editor) so that your editor appears similar to the screenshot below.

1st Intermediate File

At the end of the document insert a line break by pressing “Enter.”

2. Open the 2nd Intermediate File and Copy/Paste

Open the ComodoRSAAddTrustCA.crt in a manner similar to above. Once opened, copy the all contents and paste all the contents to the end of the 1st Intermediate so it appears as captured below (Hint: you’ll know if you did this right if you see an END CERTIFICATE —– as well as —– BEGIN CERTIFICATE)

2nd Intermediate File

3. Save as One File

If everything appears similar to the above example, proceed to save this file with a name that is  easily identifiable such as so you can find this with ease during the installation process.

After completing the above, your team should have everything needed to perform the installation of the SSL Certificate purchased. If you have any questions, or need help with any part of the generation process, you can reach out to our support team 24/7/365.

  • 0 Users Found This Useful
     Was this answer helpful?

Related Articles

 How to Check a Certificate’s Expiration Date (Chrome)

Get certificate information on any website in just a few clicks. Checking your SSL certificate’s expiration date on Google Chrome is fairly easy. Depending on which version of Chrome you’re running, it can be done within just a few clicks. Here’s...

 Troubleshooting Insecure Content

One of the most common issues site owners run into when installing and SSL certificate and migrating to HTTPS is Insecure Content. This error is produced when content on a secure website is being loaded through a non-secure source. An example...

 Elliptic Curve Cryptography (ECC) Certificates

Cryptography, the science of encrypting data and information, is the backbone of SSL. Every time you visit a website that is secured by an SSL certificate, your computer works with that website’s server to encrypt and then decipher all data sent...

 Explaining the Chain of Trust

A brief overview of PKI (Private Key Infrastructure) and why your certificate is trusted. One of the most common questions we field is in relation to the “Chain of Trust.” If you’ve ever had any questions about roots, intermediates or how SSL...

 Understanding Hash Functions

Maybe now you’ll finally understand the name of our blog Hashing is simply the practice of using an algorithm to map data of any length to a fixed-length output. It’s useful in a number of ways and plays a role in several different types of...

Powered by WHMCompleteSolution