When ordering a secure certificate, most often one has to deal with the following files:
- certificate key file (aka private key): .key
- certificate request file: .csr
- primary certificate file (issued by the CA): .crt
- certificate chain (aka intermediate certificate, or sf bundle): sf_bundle.crt
As a result, when deploying to a web server, it is necessary to configure 3 files: the key, the cert, and the trust chain. However, a little known fact is that these can be combined in a “pem” file that holds all three. One may even include the trusted root certificate optionally. Here is how:
- download your certificates (your_domain_name.crt) from your NewPush Customer Portal.
- paste the entire body of each certificate one by one into one text file in the following order:Make sure to include the beginning and end tags on each certificate. The result should look like this:
- domain.key
- domain.crt
- sf_bundle.crt
The number of
sections will depend of the length of the certificate trust chain.