If you have intermediate CA certificates, you can chain them into a single CRT, then upload that to LibApps. The certificate for your domain is located at the top of the CRT file, followed by one or more intermediate certificates. If your certificate authority provides multiple intermediate certificates, they should tell you the proper order to include them inside the single "combined" certificate. Please contact them if you need help chaining your certificates.
Issues with certificate chains often result in browser warning pages. If this happens after your certificate has already been installed, try using an SSL checker tool to help identify potential issues with your certificate. A couple of free resources include:
- SSL Server Test (Powered by Qualys SSL Labs)
Simply enter your site's domain name in the Hostname field, enable the "Do not show results on the boards" checkbox, and click the "Submit" button. The test will take a minute or so to complete, but will let you know if there were issues with your certificate chain.
- SSL Certificate Checker - Diagnostic Tool | DigiCert.com
Enter your site's domain name in the Server Address field and click the "Check Server" button. This test is not as detailed as the Qualys one, but does not take as long to complete.
Important note for InCommon certificates
If you are obtaining intermediate certificates, we have found that CER files provided by InCommon place the intermediate certificates above the domain certificates. This will cause a validation error when uploading your certificate to LibApps, while also causing the certificate to be rejected by our server. To prevent this error, please see our instructions for working with InCommon certificates.