Which one should be used? chain.pem or fullchain.pem?
fullchain.pem
= cert.pem
+ chain.pem
You typically use chain.pem
(or the first certificate in it) when you're asked for a CA bundle or CA certificate.
You typically use fullchain.pem
when you're asked for the entire certificate chain in a single file. For example, this is the case for modern versions of Apache and nginx.
7 Likes
No cert should ever include the signing root certificate.
Any program that requires one, was poorly written.
11 Likes
Hear hear.
6 Likes
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.