Intermediate certificates and their installation

What is an intermediate certificate?

Intermediate and root certificates establish the trustworthiness of the SSL certificate. The SSL certificate however, is not issued on account of the root certificate, but on account of the intermediate certificate.
If the intermediate certificate is missing on the server, the website visitor may receive a message saying, that the site’s security certificate is not trusted..

Where do I find the intermediate certificate?

The intermediate certificate for Windows and Linux will be sent to you by e-mail along with the SSL certificate. You can find the intermediate certificate also in your customer account, and on the websites of following certification authorities:

How do I install the intermediate certificate?


In the Microsoft Management Console (MMC) choose “Certificates” for the entire server (not as a single user) and import the intermediate certificate into Console Root/Certificates (Local Computer)/Intermediate Certification Authorities/Certificates.

Note: When installing the intermediate certificate on the Windows server, you need to disable the certification authority’s root certificate – the intermediate certificate will fulfil its function. After the installation on IIS 7 the server needs to be restarted, after the installation on IIS 6, only the web server needs to be restarted.


Save the intermediate certificate along with all the other certificates (e.g. /usr/local/ssl/crt/). In the next step, match the configuration file Apache with the name httpd.conf (it is usually located in /etc/httpd), and add the directive for the intermediate certificate, for instance: SSLCertificateChainFile /usr/local/ssl/crt/linux_intermediate.pem