SSL Intermediate Certificate Order for Comodo Positive SSL
January 6, 2015
Posted by on
Applications like Dovecot and Exim require the intermediate certificates concatenated into one file along with your site’s certificate. Apache also requires the intermediate certificates in one file, too.
The Comodo Positive SSL certificate appears to be one of the cheapest available at gogetssl.com.
When you get a Comodo Positive SSL certificate you get your site certificate and three other “intermediate” certificate authority files bundled in your zip file, the three extra files are:
||Distance from Root
For Apache you need to put the three certificate authority intermediate certificates into one file in order of decreasing distance from the root.
cat COMODORSADomainValidationSecureServerCA.crt \
and then add the following to your virtual server configuration:
For Dovecot/Exim you need to put all four certificates including your site certificate into one file in order of decreasing distance from the root:
cat your_site.crt \
and then add the following to your exim4.conf:
tls_certificate = CONFDIR/ssl/gogetssl/your_site.comodo+intermediate.crt
tls_privatekey = CONFDIR/ssl/gogetssl/your_site.key
and in dovecot.conf:
ssl_cert = </etc/dovecot/ssl/gogetssl/your_site.comodo+intermediate.crt
ssl_key = </etc/dovecot/ssl/gogetssl/your_site.key