Specifying a TLS intermediate cert not possible?

I deploy a DV Sectigo certificate for some of my customers which includes an intermediary certs file. Apache knows this as the SSLCertificateChainFile .

I do this because some older browsers have issues with one of the co-signed roots (nothing I can do about it), for legacy support reasons requested by the client.

I can add this line to my virtual servers’ .conf file and it works fine, however the Virtualmin interface has no means to specify or concatenate a chainfile to a certificate file. Until I manually edit the virtualhost it omits the setting from a vhost’s config.

Could Virtualmin’s SSL Certificate settings page be extended to allow you to also specify an intermediaries signing chain file? Or was this previously available but removed as a design choice? (forgive me if so, I’m a relative newcomer to using virtualmin)

FWIW, I’m aware this setting is defined as obsolete as of Apache 2.4.8, this CentOS7 box is running 2.4.6, latest from repo. I guess as long as the system supports uploading of a concatenated cert + chain file, that’s grand as an alternative solution…

There is a tab for that on the SSL Certificate page labeled CA Certificate.

Ah, bugger, I totally missed it :rofl: :exploding_head: all sorted and cert copied to Postfix, worked instantly of course. Thanks…