How to create intermediate certificate

how to create intermediate certificate


SUSE Linux Enterprise Server


How to create a .pem File for SSL Certificate Installations


SSL .pem files are concatenated certificate container files and can be thought of as a container of layered certificates. They are frequently required for certificate installations when multiple certificates are being imported as one file.

The following details the structure of a .pem file:



(Your Primary SSL certificate: your_domain_name.crt)



(Your Intermediate certificate: certChainCA.crt)


.pem SSL Creation Instructions require the following files :

  • Private Key
  • Server Certificate (crt, puplic key)
  • (optional) Intermediate CA and/or bundles if signed by a 3rd party
  1. (manual ) How to manually create a .pem file:
    • Remove the password from the Private Key by following the steps listed below:
      • Type openssl rsa -in server.key -out nopassword.key and press Enter.

      • Enter the pass phrase of the Private Key.
    • Combine the private key, public certificate and any 3rd party intermediate certificate files:
      • cat nopassword.key > server.pem
  • cat server.crt >> server.pem
  • Repeat this step as needed for third-party certificate chain files, bundles, etc:

    cat intermediate.crt >> server.pem

  • (scripted ) How to create a PEM file:
    • Download certs.tgz. wget
    • Unpackage the download: tar xzf certs.tgz
    • Run /
    • Select Create PEM
    • Provide the full path to the directory containing the certificate files.
    • Provide the filenames of the following:
      • private key
      • public key (server crt)
      • (conditional) password for private key
      • (conditional) any intermediate certificate chain file(s)

    Additional Information

    See TID 7015502 - Common Mistakes in SSL Certificate Management & Implementation


    Category: Insurance

    Similar articles: