COMODOのSSL証明書

ComodoのSSL証明書を申請・取得したら、ZIP形式で数個の証明書ファイルが来た。

AddTrustExternalCARoot.crt
ComodoUTNSGCCA.crt
EssentialSSLCA_2.crt
UTNAddTrustSGCCA.crt
www_xxxxx_com.crt```
 証明書をインストールしようとここ

<a title="https://support.comodo.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=1203&nav=0,128,96,1,95" href="https://support.comodo.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=1203&nav=0,128,96,1,95" target="_blank">Certificate Installation: Apache & mod_ssl</a>を参考にインストールしようとしたら、中間証明書はyourDomainName.ca-bundle にまとまっていることになっているが、ZIPの中に無い。 まとめようにも、どれが中間証明書だろう?やっと情報を見つけた。 

> Which is Root? Which is Intermediate? <a title="Current Comodo Certificate Hierarchies" href="https://support.comodo.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=1182" target="_blank">Current Comodo Certificate Hierarchies</a> 中間証明書を1つにまとめるのは次の手順。 

> <a href="https://support.comodo.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=1209" target="_blank">How do I make my own bundle file from CRT files?</a>  今回はEssentialSSL なので、この証明書ファイルを<span style="color: #0000ff;">逆順で1テキストファイル</span>にすれば良いらしい。 

```terminal
# Intermediate CA Certificate 3 - EssentialSSLCA_2.crt
# Intermediate CA Certificate 2 - ComodoUTNSGCCA.crt
# Intermediate CA Certificate 1 - UTNAddTrustSGCCA.crt
# Root CA Certificate - AddTrustExternalCARoot.crt

catコマンド。

cat EssentialSSLCA_2.crt ComodoUTNSGCCA.crt UTNAddTrustSGCCA.crt AddTrustExternalCARoot.crt > yourDomain.ca-bundle

・EV/EV SGC SSL Root: AddTrustExternalCARoot.crt Intermediate 1: COMODOAddTrustServerCA.crt Intermediate 2: COMODOExtendedValidationSecureServerCA.crt End-Entity/Domain Certificate ・InstantSSL/IntranetSSL/EnterpriseSSL/Unified Communications (UCC) Root: AddTrustExternalCARoot.crt Intermediate: ComodoHigh-AssuranceSecureServerCA.crt End-Entity/Domain Certificate ・ComodoSSL / ComodoSSL Wildcard / ComodoSSL UCC Root: AddTrustExternalCARoot.crt Intermediate: ComodoSSLCA.crt End-Entity/Domain Certificate ・EssentialSSL / Free Certificate Root: AddTrustExternalCARoot.crt Intermediate 1: UTNAddTrustSGCCA.crt Intermediate 2: ComodoUTNSGCCA.crt Intermediate 3: EssentialSSLCA_2.crt End-Entity/Domain Certificate ・PositiveSSL Root: AddTrustExternalCARoot.crt Intermediate: PositiveSSLCA2.crt End-Entity/Domain Certificate EV証明書だと階層が浅いわけでもないなぁ。