HP Open Source Security for OpenVMS Volume 2: HP SSL for OpenVMS > Chapter 3 Using the Certificate
Create a Certificate Chain
After you create an intermediate CA certificate (described in the previous section), create a client/server certificate as follows:
Encrypting the private key is not required for creating a client/server certificate. However, if the key is encrypted, you can also use the certificate as an intermedicate CA certificate with which another certificate will be signed.
Some OpenSSL APIs require a certificate chain file. This file contains certificates that form the certificate chain (from the client/server certificate to the root CA certificate).
To create a certificate chain file, append the certificates of intermediate CA(s) and the root CA to the client/server certificate. The order in the file can be expressed as follows:
client/server cert >>> intermediate CA1 >>> intermediate CA2 >>> root CA
Enter the following command to create a certificate chain file: