Where do I get a CA Bundle file?

CA Bundle file contains root and intermediate certificates. These certificates build the chain of trust for your domain certificate.

The Bundle files differ by the validation level of your certificate and the key type in the CSR you used to activate your certificate.

The CA Bundle file can be downloaded from your SSLs.com account. The CA Bundle file has .ca-bundle extension.
Alternatively, feel free to use the CA Bundle files from this article.

Sectigo Public Server Authentication Bundle

Domain Validation

RSA

ECC

Organization Validation

RSA

ECC

Extended Validation

RSA

ECC

Sectigo Secure Server CA Bundle under SHA2 USERTrust Root (legacy)

Domain Validation

Contains “Sectigo RSA Domain Validation Secure Server CA”/”Sectigo ECC Domain Validation Secure Server CA” intermediate certificate (depending on the key encryption method), signed by “USERTrust RSA Certification Authority” SHA-2 root certificate.

Organization Validation

Contains “Sectigo RSA Organization Validation Secure Server CA”/”Sectigo ECC Organization Validation Secure Server CA” intermediate certificate (depending on the key encryption method), signed by “USERTrust RSA Certification Authority” SHA-2 root certificate.

Extended Validation

Contains “Sectigo RSA Extended Validation Secure Server CA”/”Sectigo ECC Extended Validation Secure Server CA” intermediate certificate (depending on the key encryption method), signed by “USERTrust RSA Certification Authority” SHA-2 root certificate.

Sectigo Secure Server CA Bundle under AAA Certificate Services Root (legacy)

These Bundles may be used on some legacy systems.

Domain Validation

Contains “Sectigo RSA Domain Validation Secure Server CA”/”Sectigo ECC Domain Validation Secure Server CA”, signed by “USERTrust RSA Certification Authority” (new)/USERTrust ECC Certification Authority” (new), cross-signed by “AAA Certificate Services”.

Organization Validation

Contains “Sectigo RSA Organization Validation Secure Server CA”/”Sectigo ECC Organization Validation Secure Server CA”, signed by “USERTrust RSA Certification Authority” (new)/USERTrust ECC Certification Authority” (new), cross-signed by “AAA Certificate Services”.

Extended Validation

Contains “Sectigo RSA Extended Validation Secure Server CA”/”Sectigo ECC Extended Validation Secure Server CA”, signed by “USERTrust RSA Certification Authority” (new)/USERTrust ECC Certification Authority” (new), cross-signed by “AAA Certificate Services”.

Comodo SHA2 Bundle under SHA2 Root (legacy)

These might still be needed for some systems if ‘Comodo’ Bundle is required particularly.

Domain Validation

Organization Validation

Extended Validation