...
To create the 'SSLCertificateChainFile' for Apache, concatenate the issuing CA (e.g. CN=GEANT TLS RSA 1) and the cross-signed root (e.g. CN=HARICA TLS RSA Root CA 2021 in its cross-signed variety), and specify this file in the Apache mod_ssl configuration.
- Download the combined 'maximum compatibility' SSLCertificateChainFile for RSA
- Download the combined 'maximum compatibility' SSLCertificateChainFile for ECC
The server certificate itself goes into a separate file ('SSLCertificateFile') in PEM format, and the private kay also in its own file ('SSLCertificateKeyFile').
...