ELMA365 On-Premises > Prepare infrastructure > TLS/SSL certificates / Create a fullchain certificate

Create a fullchain certificate

Fullchain certificate is a .pem file that stores the entire certificate chain.

The complete certificate chain consists of the following:

  • The primary or end-entity Primary Certificate.
  • Intermediate Certificates, if any.
  • Root Certificate.

A PEM file is a container file for concatenated certificates. It is a plain text file with encrypted certificate data inside, separated by start and end tags.

Example of the composition of a PEM file:

(Ваш SSL сертификат (Primary Certificate): your_domain.crt)
(Ваш промежуточный сертификат (Intermediate certificate): DigiCertCA.crt)
(Возможно, еще один промежуточный сертификат)
(Ваш корневой сертификат (Root certificate): TrustedRoot.crt)

Assemble the fullchain_your_domain.pem file with the complete certificate chain. For this, you will need:

  • your_domain.crt — Primary Certificate;
  • DigiCertCA.crt Intermediate Certificate;
  • TrustedRoot.crt — Root Certificate.

For more details on creating a private key and a certificate chain, refer to Create self-signed TLS/SSL certificates with OpenSSL.

  1. Copy the contents of the SSL certificate your_domain.crt to fullchain_your_domain.pem:

cat your_domain.crt >> fullchain_your_domain.pem

  1. If there is an Intermediate Certificate, copy its contents into fullchain_your_domain.pem:

cat DigiCertCA.crt >> fullchain_your_domain.pem

If there are multiple Intermediate Certificates, sequentially copy their contents into fullchain_your_domain.pem.

  1. Copy the contents of the Root Certificate TrustedRoot.crt to fullchain_your_domain.pem:

cat TrustedRoot.crt >> fullchain_your_domain.pem

Example of the fullchain_your_domain.pem file

Use the fullchain_your_domain.pem file to import multiple SSL certificates as a single file.

Found a typo? Highlight the text, press ctrl + enter and notify us