How Do I Install an Intermediate Certificate on My Web Server?


Angela Bailey

Installing an intermediate certificate on your web server is an essential step in ensuring secure and trusted communication between your website and its visitors. In this tutorial, we will guide you through the process of installing an intermediate certificate on various web server platforms.

What is an Intermediate Certificate?

Before we proceed with the installation, let’s first understand what an intermediate certificate is. In the realm of SSL/TLS certificates, there are three main types: root certificates, intermediate certificates, and end-entity certificates.

An intermediate certificate sits between the root certificate and the end-entity certificate. It helps establish a trust chain that verifies the authenticity of the end-entity certificate.

Why Do You Need to Install an Intermediate Certificate?

In order for web browsers to trust your SSL/TLS certificate, they need to verify it against a trusted root certificate. However, root certificates are usually stored in browsers’ pre-installed trust stores.

Intermediate certificates, on the other hand, are issued by trusted root certificate authorities (CAs) but not pre-installed in browsers. By installing the intermediate certificate on your web server, you create a complete trust chain from a trusted root CA to your website’s SSL/TLS certificate.

Installation Process

The installation process of an intermediate certificate may vary depending on your web server platform. Below, we have provided step-by-step instructions for some popular web servers:

Apache HTTP Server

  1. Login to your server via SSH or open a terminal session.
  2. Navigate to the directory where your SSL/TLS files are stored.
  3. Open the Apache configuration file (usually named httpd.conf).
  4. Locate the section where SSL/TLS settings are defined.
  5. Find the line that begins with “SSLCertificateChainFile” or “SSLCACertificateFile”.
  6. Specify the path to your intermediate certificate file after the above line.
  7. Save the changes and exit the editor.
  8. Restart Apache for the changes to take effect.


  1. Login to your server via SSH or open a terminal session.
  2. Open the Nginx configuration file (usually named nginx.
  3. Add a new line: “ssl_certificate /path/to/intermediate_certificate.crt;”.
  4. Restart Nginx for the changes to take effect.

Microsoft IIS

  1. Launch Internet Information Services (IIS) Manager on your server.
    • Note: This guide assumes you have already installed your end-entity certificate in IIS. If not, please install it before proceeding with these steps.

    IIS Version <=7:

          i. Open IIS Manager and navigate to your server.
          ii. Double-click on “Server Certificates”.

      Click on “Complete Certificate Request” in the Actions panel.
          iv. Provide the path to your intermediate certificate file and complete the wizard.

    IIS Version >=8:


Discord Server - Web Server - Private Server - DNS Server - Object-Oriented Programming - Scripting - Data Types - Data Structures

Privacy Policy