To ensure normal HTTPS communication between clients and your web server, you must install the root certificate and intermediate certificates when you install an SSL certificate on your web server. This topic describes how to download root certificates and intermediate certificates.
If your web services are accessed by using browsers, you do not need to install root certificates because the root certificates are built into the browsers. In this scenario, you need to only install the SSL certificates that are issued by certificate authorities (CAs) on your web server. This way, your web server can communicate with the browsers over HTTPS.
If your web services are accessed by using clients such as Java clients, you must install root certificates on the clients because no root certificates are built into the clients. If you do not install the root certificates, the clients cannot verify the information encrypted by your web server. For example, if a DigiCert organization validated (OV) SSL certificate is installed on your web server, the clients must be installed with DigiCert OV root certificates before they can communicate with your web server over HTTPS.
Download links for root certificates
You can download only the following root certificates:
To ensure normal HTTPS communication between clients and your web server, you must install intermediate certificates when you install an SSL certificate on your web server. In most cases, the SSL certificates that you download contain intermediate certificates. For example, if you download a certificate package for Apache servers, the domain_name_chain.crt file that is extracted from the package contains intermediate certificates.