2x Begin and End in domain-crt.txt file?


My domain is:

My web server is (include version):
vMware ESXI 6.5.0

The operating system my web server runs on is (include version):

I need to use a PEM fomatted certificate to make my ESXI login secure ussing SSL.

As far as I understand, the certificate that is provided by Let’s Encrypt is already PEM formatted. But as soon as I open the received “domain-crt.txt” file I see 2 times a -----BEGIN CERTIFICATE-----/-----END CERTIFICATE-----

What’s the idea behind that? As this way it can’t be used by just renaming. @ my job I’m used to use payed certificates and after the CSR is accepted I’m able to download the certificate in a .crt and a .der file.

Is this the same but then compared into one txt file?

If so, what’s the .CRT part and the .DER part?
If not, what’sup with the 2x begin and end certificate in the “domain-crt.txt” file?

For your record: I’ve tried google and the let’s encrypt KB to search for answers…


Hi @soepgroenten

the first is your certificate.

The second ist the Letsencrypt intermediate certificate.

The webserver should send both certificates. So there is no need that the browser downloads the intermediate certificate from another source.


Thanks a lot for your quick response…this helped me a lot…

I hope this topic also answers this question for others.