What is CA bundle?

CA bundle is a file that contains root and intermediate certificates. The end-entity certificate along with a CA bundle constitutes the certificate chain.

The chain is required to improve compatibility of the certificates with web browsers and other kind of clients so that browsers recognize your certificate and no security warnings appear.

Comodo may send you a complete CA bundle in a zip file with a *.ca-bundle extension or root and intermediate certificates separately.

In case you have received the intermediate and root certificates as separate files, you should combine them into a single one to have a complete CA_bundle. But since the certificates in the CA bundle should be in a particular order, it could be not clear what the correct sequence of root and intermediate certificates is.

For example, you have received Comodo’s PositiveSSL in zip. There could be three files: yourdomain.crt, COMODORSADomainValidationSecureServerCA.crt, COMODORSAAddTrustCA.crt and AddTrustExternalCARoot.crt. While, obviously, yourdomain.crt is a public certificate issued for your domain name, it could be not clear how to create a correct CA bundle for it with the other two files.

      That is why we created already combined Bundle files for you, and you can find the one you need here.


We welcome your comments, questions, corrections and additional information relating to this article. Your comments may take some time to appear. Please be aware that off-topic comments will be deleted.

If you need specific help with your account, feel free to contact our Support Team. Thank you.

Need help? We're always here for you.

× Close