Discerning GoDaddy SSL Certificate Types
I'm following these instructions for installing a GoDaddy Certificate in Apache Tomcat:
http://support.godaddy.com/help/article/5239/generating-a-csr-and-installing-an-ssl-certificate-in-tomcat-4x5x6x?locale=en
However, in the steps a root certificate, intermediate certificate, and certificate are referenced. How can I tell which file is which?
These are the names of the three files that I received in the download. I've tried opening each one in windows by simply double clicking too, but I see no reference to their type.
gd_bundle-g2-g1.crt
gdig2.crt
2b9918dccf2f1d.crt
Solution 1:
-
gd_bundle-g2-g1.crt: Go Daddy Certificate Bundles - G2 With Cross to G1, includes Root -
gdig2.crt: Go Daddy Secure Server Certificate (Intermediate Certificate) - G2 -
2b9918dccf2f1d.crt: Your certificate
Source: https://certs.godaddy.com/anonymous/repository.pki
Solution 2:
You can use openssl's x509 subcommand:
openssl x509 -subject -issuer -noout -in cert.pem
and check the output. Should be self explanatory.
An example:
$ openssl x509 -noout -issuer -subject -in gd-class2-root.crt
issuer= /C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority
subject= /C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority
$ openssl x509 -noout -issuer -subject -in gd_intermediate.crt
issuer= /C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority
subject= /C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certificates.godaddy.com/repository/CN=Go Daddy Secure Certification Authority/serialNumber=07969287
You can also verify the chain of trust:
$ openssl verify -CAfile gd-class2-root.crt gd_intermediate.crt
gd_intermediate.crt: OK