When issuing a certificate request, sometimes you may receive a CA bundle from the certificate authority which is a file that contains the primary SSL certificate, intermediate certificate, and root certificate in the format below:
-----BEGIN CERTIFICATE-----
(Your Primary SSL certificate: your_domain_name.crt)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
(Your Intermediate certificate: DigiCertCA.crt)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
(Your Root certificate: TrustedRoot.crt)
-----END CERTIFICATE-----
In order to set up the web server with TLS 1.2, the files key.pem, cert.pem, and any other intermediate certificate must be located next to the structure file. Follow the steps below to separate the primary SSL certificate from the CA bundle to a separate cert.pem file:
1. Copy the primary SSL certificate section from the CA bundle
2. Create a new text file called "cert.txt" and paste the contents
3. Change the .txt extension to .pem
4. Move cert.pem next to the structure file
5. Move the CA bundle file next to the structure file
6. Move the key.pem file generated from GENERATE ENCRYPTION KEYPAIR next to the structure file
If done correctly, your web server should now be able to opened in HTTPS/TLS 1.2.