.pem SSL Creation Instructions

• SSL .pem files (concatenated certificate container files), are frequently required for certificate installations when multiple certificates are being imported as one file.
• This article contains multiple sets of instructions that walk through various .pem file creation scenarios.

Creating a .pem with the Entire SSL Certificate Trust Chain
STEP 1: Log into your Sectigo Management Account and download your Intermediate (SectigoRSA.crt), Root (TrustedRoot.crt), and Primary Certificates (your_domain_name.crt).
STEP 2: Open a text editor (such as wordpad or notepad) and paste the entire body of each certificate into one text file in the following order:

• The Primary Certificate - your_domain_name.crt
• The Intermediate Certificate - SectigoRSA.crt
• The Root Certificate - USERTrustRSACertificationAuthorityCARoot.crt

Make sure to include the beginning and end tags on each certificate. The result should look like this:

-----BEGIN CERTIFICATE-----
(Your Primary SSL certificate: your_domain_name.crt)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
(Your Intermediate certificate: SectigoRSA.crt)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
(Your Root certificate: USERTrustRSACertificationAuthorityCARoot.crt)
-----END CERTIFICATE-----

Save the combined file as your_domain_name.pem. The .pem file is now ready to use.

Creating a .pem with the Server and Intermediate Certificates
STEP 1: Log into your Sectigo Management Account and download your Intermediate (SectigoRSA.crt) and Primary Certificates (your_domain_name.crt).
STEP 2: Open a text editor (such as wordpad or notpad) and paste the entire body of each certificate into one text file in the following order:

• The Primary Certificate - your_domain_name.crt
• The Intermediate Certificate - SectigoRSA.crt

Make sure to include the beginning and end tags on each certificate. The result should look like this:

-----BEGIN CERTIFICATE-----
(Your Primary SSL certificate: your_domain_name.crt)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
(Your Intermediate certificate: SectigoRSA.crt)
-----END CERTIFICATE-----

Save the combined file as your_domain_name.pem. The .pem file is now ready to use.

Creating a .pem with the Private Key and Entire Trust Chain
STEP 1: Log into your Sectigo Management Account and download your Intermediate (SectigoRSA.crt) and Primary Certificates (your_domain_name.crt).
STEP 2: Open a text editor (such as wordpad or notepad) and paste the entire body of each certificate into one text file in the following order:

• The Private Key - your_domain_name.key
• The Primary Certificate - your_domain_name.crt
• The Intermediate Certificate - SectigoRSA.crt
• The Root Certificate - USERTrustRSACertificationAuthorityCARoot.crt

Make sure to include the beginning and end tags on each certificate. The result should look like this:

-----BEGIN RSA PRIVATE KEY-----
(Your Private Key: your_domain_name.key)
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
(Your Primary SSL certificate: your_domain_name.crt)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
(Your Intermediate certificate: SectigoRSA.crt)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
(Your Root certificate: USERTrustRSACertificationAuthorityCARoot.crt)
-----END CERTIFICATE-----

Save the combined file as your_domain_name.pem. The .pem file is now ready to use.

Note: Sectigo uses several Root/Intermediates so please make you download the correct Root/Intermediates based on your requested certificate.