Is there a way to insert a CA Bundle chain for a domain?



  • There's the cert field, the key field, but no CA field. The CA field is uncommonly used but really important when you're building an internal web app. Is there a work around for this, or would this require adding the third SSL Certification field for the domain?



  • There is currently no way to upload the CA chain as such. I am no expert there, but I think there are some more extensive bundle formats, which contain everything at once? Maybe we can replace the two fields and just make the api accept a bundle and in case maybe extracts the portions for nginx?



  • @iJoel You can do this by simply concatenating the intermediate and CA cert files into a single cert file.

    So, in the '.crt' file which you upload to Cloudron, it will have:

    -----BEGIN CERTIFICATE-----
    the *.foo.com certificate
    -----END CERTIFICATE-----
    -----BEGIN CERTIFICATE-----
    intermediate cert
    -----END CERTIFICATE-----
    -----BEGIN CERTIFICATE-----
    root cert if any
    -----END CERTIFICATE-----
    

    The ordering of the certs is important above.


Log in to reply