Fullchain certificate is a .pem file that stores the entire certificate chain.
The complete certificate chain consists of the following:
- The primary or end-entity Primary Certificate.
- Intermediate Certificates, if any.
- Root Certificate.
A PEM file is a container file for concatenated certificates. It is a plain text file with encrypted certificate data inside, separated by start and end tags.
Example of the composition of a PEM file:
-----BEGIN CERTIFICATE-----
(Ваш SSL сертификат (Primary Certificate): your_domain.crt)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
(Ваш промежуточный сертификат (Intermediate certificate): DigiCertCA.crt)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
(Возможно, еще один промежуточный сертификат)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
(Ваш корневой сертификат (Root certificate): TrustedRoot.crt)
-----END CERTIFICATE-----
Assemble the fullchain_your_domain.pem file with the complete certificate chain. For this, you will need:
- your_domain.crt — Primary Certificate;
- DigiCertCA.crt — Intermediate Certificate;
- TrustedRoot.crt — Root Certificate.
For more details on creating a private key and a certificate chain, refer to Create self-signed TLS/SSL certificates with OpenSSL.
- Copy the contents of the SSL certificate your_domain.crt to fullchain_your_domain.pem:
cat your_domain.crt >> fullchain_your_domain.pem
- If there is an Intermediate Certificate, copy its contents into fullchain_your_domain.pem:
cat DigiCertCA.crt >> fullchain_your_domain.pem
If there are multiple Intermediate Certificates, sequentially copy their contents into fullchain_your_domain.pem.
- Copy the contents of the Root Certificate TrustedRoot.crt to fullchain_your_domain.pem:
cat TrustedRoot.crt >> fullchain_your_domain.pem
Example of the fullchain_your_domain.pem file
The fullchain_your_domain.pem file consists of:
-----BEGIN CERTIFICATE----- |
Use the fullchain_your_domain.pem file to import multiple SSL certificates as a single file.