How to export SSL certificate chain

  • 2 minute(s) read
Prev Next

Introduction

An SSL certificate chain, also known as a certificate chain of trust, is an ordered list of digital certificates that helps establish a secure connection between a web server and a client's browser. It plays a crucial role in ensuring the authenticity and security of websites, preventing eavesdropping and man-in-the-middle attacks.

Components of an SSL Certificate Chain:

End-User Certificate: This is the certificate issued to the website or server. It contains the organization's domain name, public key, and other identifying information.

Intermediate Certificates: These intermediate certificates issued by Certificate Authorities (CAs) act as intermediaries between the end-entity certificate and the root certificate. They help establish trust in the end-entity certificate by linking it back to a trusted root.

Root Certificate: This is the self-signed certificate at the top of the chain. It serves as the anchor of trust and is embedded in web browsers and operating systems. When a client browser connects to a website, it validates the certificate chain by tracing back from the end-user certificate to the trusted root certificate. If the chain is valid, the browser establishes a secure connection with the website, allowing encrypted communication.

All the above components of the certificate chain can be directly downloaded from the browser itself.

  • Click on the view site information icon on the browser tab and then click on "Connection is secure"

Screenshot 2024-04-19 at 7.52.20 PM.png

  • Next, If you click on "Certificate is valid" option you will see the "Certificate Viewer" Dialog box appear.
  • In the details tab of this dialog box, you will be able to see the whole certificate chain.

Screenshot 2024-04-19 at 7.46.10 PM.png

  • Incase your services need the SSL certficate chain of any site to be able to function properly. You can export the certificates by clicking on "Export" button.

Note:- If you are exporting the certificate for your API services please ensure you are using io.catchpoint.com

There are many 3rd party sites available on the internet that helps you to directly download the whole certificate chain of a website just by providing the URL of the Website.

One such website is https://whatsmychaincert.com/

Note:- Please do not consider the above website as Catchpoint recommendation. it is just a reference of what is available on the internet.

These certificates are subject to renew before due dates. Updating the SSL certificate should be seamless for our clients that do not require the SSL certificate to be intergrated specifically as most of the services do not require the certificate chain to be uploaded separately.

This change is internal to Catchpoint and will follow our change management process.

You can always consider to connect with our Support team (support@catchpoint.com) or your CSM and VE if you need to help with the above.