On Fri, Dec 26, 2025 at 4:52 AM Asma Aljarai <[email protected]> wrote:
> Issue: > I did not receive the certificate chain (intermediate certificates). > Without the chain, browsers may not fully trust the site, and I want to > ensure the SSL configuration is complete and secure. > > Questions: > 1. What is the recommended way to obtain the certificate chain from an > internal CA such as Key Manager Plus? > 2. Is it acceptable to run Apache securely using only the server > certificate and private key if the chain is not available? > 3. Could the missing chain be the reason the site appears as not fully > secure in browsers? > 1. You would have to check the documentation for that product. It is unlikely you will find someone on this list who is familiar with it. More generally, if you have another website with the same certificate chain, you can download the chain from your browser. 2. Yes. HTTPD doesn't care about the chain when it is serving requests, that is the responsibility of the client. HTTPD might need the chain if it is making subrequests or if it is validating client certificates. 3. Yes, assuming that your browser has the root certificate in its trust store too. - Y
