How to Install SSL Intermediate Certificate on Clean Ubuntu Server

1. Prerequisites:

You have obtained the intermediate certificate(s) from your Certificate Authority (CA) in .crt format.
You have administrative access (sudo) to your Ubuntu server.

2. Steps

Create a Directory (if necessary):

If it doesn’t exist, create a directory to store additional CA certificates:

sudo mkdir /usr/local/share/ca-certificates/extra

Copy Certificate Files:

Copy the intermediate certificate file(s) to the newly created directory. If you have multiple intermediates, copy all of them:

sudo cp intermediate1.crt /usr/local/share/ca-certificates/extra/intermediate1.crt
sudo cp intermediate2.crt /usr/local/share/ca-certificates/extra/intermediate2.crt

(and so on if you have more)

Update CA Certificate List:

Run the following command to update the system’s list of trusted certificates:

sudo update-ca-certificates

This command will:
- Scan the /usr/local/share/ca-certificates directory (including the extra subdirectory) for certificate files.
- Add the certificates to the system’s trust store.
- Update the /etc/ca-certificates.conf file with the new certificates.

Verify Installation:

You can check if the intermediate certificates were installed correctly by running:
openssl s_client -connect yourdomain.com:443 -showcerts
Replace yourdomain.com with your actual domain name. This will display the certificate chain. You should see your server’s certificate, followed by the intermediate certificates, and finally the root certificate of the trusted CA.

Alternative Method (Manual):

If update-ca-certificates doesn’t work as expected, you can manually add the certificates to /etc/ca-certificates.conf:
1. Open the file with a text editor: sudo nano /etc/ca-certificates.conf
2. Add a line for each certificate file, like this:/usr/local/share/ca-certificates/extra/intermediate1.crt /usr/local/share/ca-certificates/extra/intermediate2.crt
3. Save the file and run sudo update-ca-certificates to rebuild the trust store.

Important Notes:

File Extensions: Ensure your intermediate certificate files have the .crt extension.
Multiple Certificates: If you have multiple intermediate certificates, install them in the order specified by your CA (usually from the lowest level to the highest).
Security: Keep your private key (server.key) secure and never share it publicly.

How to Install SSL Intermediate Certificate on Clean Ubuntu Server

Your Facebook Page Roles is Gone. How to Add Someone As Administrator for your Facebook Page

How to copy a S3 bucket to another AWS account the quick and dirty way

How should a web site developer hire and work with their graphic designer either locally or from online sources such as Fiverr or Upwork?

How should a web site ower protect their website from being sued for copyright violation, either because of having copyrighted images or content?

How to Choose Between Elementor and WPBakery for Your WordPress Website

How to renew your Letsencrypt SSL Certificate on WordPress Bitnami AWS

How to move Replicate your S3 from one AWS account to another

Simple and Complete Steps to Move Your EC2 instance to a Different AWS Account

How to Fix the “There Has Been a Critical Error on Your Website” Error

How to backup and restore and WordPress site on AWS

Building A WordPress-Based Travel Booking Site And Start Making Money in 3 days – Part 1 – Preparation

How to build a NFT Marketplace from scratch in 3 days – Day 1 (and counting..)

How to Install SSL Intermediate Certificate on Clean Ubuntu Server

Leave a Reply Cancel reply