I used acme.sh to request ssl certificate from letsencrypt and got 4 files.
Your cert is in …com.cer
Your cert key is in …com.key
The intermediate CA cert is in …com/ca.cer
And the full chain certs is there: …com/fullchain.cer
I see an online instruction for apache installation says the following,
SSLEngine on
SSLCertificateFile /path/to/your_domain_name.crt
SSLCertificateKeyFile /path/to/your_private.key
SSLCertificateChainFile /path/to/DigiCertCA.crt
your_domain_name.crt and your_private.key are clear but which one should I use in place of the last one DigiCertCA.crt? Is it ca.cer or fullchain.cer?
Then what about the one left after that? Where do I use it?
Thank you.
Yes, the multiple files are provided for compatibility with different server software that expects different combinations of objects in a single file. (Believe it or not, there are several other variations that other server software wants, and that people have complained that tools like Certbot and acme.sh still don’t provide for them!)
@_az’s advice should be complete for your situation.