+ Start a Discussion

How to Upload CA-Signed Certifictae


We need 3 Certifcates
1.SSL Certificate.
2.CA Intermediate Certiticate.
3.Root Certifcate.
If you dont got the root certitifcate from the provider,you can download it from the provider website/home page.

Uploading CA-Signed Certiifcate as follows.
1.Open a Notepad.
2.Paste each certificate as per below order into the note pad.
(SSL certificate) 
(CA Intermediate certificate) 
(Root certificate) 
3.Save the notepad as "sitesSSL.cer" or "xxx.cer"
4.Now goto Settting>Security Control>Certtificate and Key Managment
5.Select the certificate in which you want to upload.
6.Upload the newly created sitesSSL.cer
7.If no errors than your done and chek your site from the browser whether you have a lock sign in the browser or not.
NagaNaga (Salesforce Developers) 
Hi Suresh,

After you create a CA-signed certificate, you must do the following before the certificate is active and you can use the certificate.

From Setup, click Security Controls | Certificate and Key Management, click the name of the certificate, then click Download Certificate Signing Request. 
Send the certificate request to the certificate authority of your choice.
After the certificate authority sends back the signed certificate, from Setup, click Security Controls | Certificate and Key Management, click the name of the certificate, then click Upload Signed Certificate. 
Click Browse to locate the CA-signed certificate. The CA-signed certificate must match the certificate created in Salesforce. If you try to upload a different CA-signed certificate, the upload fails. 
Click Save to finish the upload process. Click  Cancel at any time to not upload the certificate.

After you successfully upload the signed certificate, the status of the certificate is changed to Active and you can use CA-signed certificate. A certificate chain is an hierarchical order of certificates where one certificate issues and signs another certificate lower in the hierarchy. Upload a certificate chain as a single PEM-encoded CA-signed certificate representing the concatenated chain of certificates. The uploaded certificate chain must include the intermediate certificates in the following order.Start with the server or client certificate and then add its signing certificate.
If more than one intermediate certificate exists between the server or client certificate and the root, add each certificate as the one that signed the previous certificate.
The root certificate is optional, and generally should not be included.

Please let me know if this helps

Best Regards
Naga Kiran

Naga I already gave the answer.Please read the question propelry before you reply.
Dont simply reply to increase your answered count
Shalini Gupta 2Shalini Gupta 2
Hi Suresh,

How did you add the certicate values in the notepad.
I am not able to open my crt files.

Your help is much appreciated.

Best Regards,
Shalini Gupta 2Shalini Gupta 2
Hi Suresh,

My issue related to opening of crt files is resolved.
Anyways, thank you.

Best Regards,
Tulasi VennReddyTulasi VennReddy
Hello shalini ,
Am having the same issue unable to resolve.. will u guid me plz.

Taylor Threadcraft 13Taylor Threadcraft 13
This did not work for me. I'm getting an error message that says this is not a certificate. I'm using a MAC.
Abhishek Kumar 338Abhishek Kumar 338
Hi Guys, how we can locate Private for CA-signed certificate.
Abhishek Kumar 338Abhishek Kumar 338
Hi Guys, how we can locate Private Key for CA-signed certificate.

nileema mohanty 22nileema mohanty 22
I am using sectogo certficate but when using ssllab saying me issued by godday certficates .
when using hsts preload status checking giving me below error 
https://www.xxx.com uses an incomplete or invalid certificate chain. Check out your site at https://www.ssllabs.com/ssltest/
Nehal SiddiquiNehal Siddiqui
Hi Suresh in Go daddy which server type option should i select to download the certificate