Extracting the Full Chain Certificate Using Qualys SSL Labs

Created at:
A certificate file must contain the full chain – root CA , intermediate CA, and the origin server certificates. Broken chain certificates may cause errors to your end users, thus it is important to upload it with the complete chain. 
Where Can I Find the Full Chain Certificate
Qualys SSL Labs is an easy to use tool that allows you to run a comprehensive free SSL test for your public web servers.
Using Qualys SSL Labs, you can receive the full chain certificate and create a certificate file to upload to the Incapsula’s Management Console. This file must have one of the following formats: PFX, PEM or CER.
Follow these steps to extract the full chain certificate:
- Insert the Hostname and Run the test
- If your chain is incomplete you'll see it noted in the site's score notes
- Scroll down to Certification Paths and expand the view. Here you can see the full certificate chain. 
- Click Download Chain to view the encoded certificate.
- Copy all the text and put it in a text editor of your choice.
- Save it as a PFX, PEM or CER extension. 
The certificate file is now ready and you may upload it to the Incapsula’s Management Console. 
Later, proceed to upload the RSA key. 

Read More about uploading your custom certificate to Incapsula here.

Was this article helpful?
3 out of 3 found this helpful
Have more questions? Submit a request


Powered by Zendesk