What is CA bundle?

CA bundle is a file that contains root and intermediate certificates. The certificate issued for your domain constitutes the certificates’ chain with a CA bundle.

The chain is required to improve compatibility of the certificates with web browsers and other kind of clients so that browsers recognize your certificate and no security warnings appear.

Comodo may send you a complete CA bundle in a zip file with a *.ca-bundle extension or root and intermediate certificates separately. Geotrust/Thawte/Symantec Certificate Authorities usually send only a single intermediate certificate instead of a complete CA bundle, since in most cases it is enough for the certificate to be recognized in browsers as a trusted one.

In case you have received the intermediate and root certificates as separate files, you should combine them into a single one to have a complete CA_bundle. But since the certificates in the CA bundle should be in a particular order, it could be not clear what the correct sequence of root and intermediate certificates is.

For example, you have received Comodo’s PositiveSSL in zip. There could be three files: yourdomain.crt, COMODORSADomainValidationSecureServerCA.crt, COMODORSAAddTrustCA.crt and AddTrustExternalCARoot.crt. While, obviously, yourdomain.crt is a public certificate issued for your domain name, it could be not clear how to create a correct CA bundle for it with the other two files.

That is why we created already combined Bundle files for you, and you can find the one you need in our other article of documentation.


0 Dislikes