If you are looking for a CA bundle, we can assume that you’re installing an SSL certificate and need to fill out the Certificate Authority Bundle: (CABUNDLE) field on your server. Generally, the servers fetch the CA bundle codes automatically. But if you don’t see any codes on the CA bundle field, you need to fill that field manually.
In this article, we provide all the required information, files, and links you would need to get the CA bundle codes.
How to Get Symantec, GeoTrust, RapidSSL, Comodo CA and Thawte CA Bundles
Step 1: Go to this CA bundle resource page.
Step 2: Choose the SSL certificate you have purchased (or its closest match) from the list.
Step 3: To start the CA bundle CRT download process, simply press the download icon under the SHA-2 CA Download column. Ignore the SHA-1 CA Download column.
Step 4: Now, locate the CA bundle on your PC. It would automatically save to your Downloads folder unless you’ve specified a different location.
Right-click on it.
Select Open with and click Notepad from the options.
Step 5: You’ll see a bunch of codes written in the Notepad file. This is your CA bundle.
It looks something like this:
Step 6: Copy the entire content of the file, including —–BEGIN CERTIFICATE—– and —–END CERTIFICATE—–, and paste it in the Certificate Authority Bundle: (CABUNDLE) field on your server.
How to Create a CA Bundle CRT For Other SSL Certificate Brands
If you have an SSL certificate from brands other than the ones specified in the above section, you have to create your own CA bundle manually. What it means is that you must combine all the codes of the root certificate and intermediate certificates to make a master file. This master file will serve as your CA bundle.
To create your own CA bundle CRT file, please follow the instructions below.
Step 1: Once you finish the validation process, the CA will issue an SSL certificate for your website. You’ll receive a bunch of files with .crt extensions via email.
The email will contain a root certificate, some intermediate certificates, and an SSL certificate.. (The SSL certificate would be named as yourdomain.crt. Right now, you don’t need this file.)
Some CAs (like Symantec) provide only one intermediate certificate, whereas some CAs (Like Comodo) usually have two intermediate certificates.
Step 2: Download all the .crt files.
Step 3: The CA bundle file should contain codes from the files in the following order:
- Intermediate CA Certificate 2
- Intermediate CA Certificate 1
- Root CA Certificate
The root certificate will likely have the word “root” in its name, and the intermediate certificate frequently has the word “intermediate” in it. However, every certificate authority has its own naming conventions for its root and intermediate certificates. So, it’s better if you clarify which file contains which certificate by contacting the CA’s customer support staff.
Step 4: Right-click on each .crt file and open it in Notepad. Copy the codes of those files and paste them in the order mentioned above in a new blank text file. Include —–BEGIN CERTIFICATE—– and —–END CERTIFICATE—–.
Step 5: Save the newly created text file with the name ‘yourdomain.ca-bundle’ or ‘cabundle.crt’
Step 6: Copy all the codes from yourdomain.ca-bundle and paste them in the Certificate Authority Bundle: (CABUNDLE) field on your server.
Final Thoughts
It would be much better to get a ready-made CA bundle from the certificate authority rather than create one on your own. You can contact the customer support team of your vendor or CA and request them to provide the CA bundle. If you have bought your SSL certificate from RapidSSLonline.com, you can easily access the CA bundle from here. If you’re not sure which bundle is best suited for the SSL certificate you purchased, you can contact our customer support team 24/7. They’ll love to assist you and will send you the right CA bundle.