I'm working on a project that is integrating Salesforce with a 3rd party API. They require us to pass a client certificate. Our admin created a CSR in Salesforce and got it signed by DigiCert. However we are having a problem getting the 3rd party server to trust our certificate. I think it may have something to do with the chain of trust:
DigiCert -> DigiCert SHA2 Secure Server CA -> OurCertificate
According to this Link, DigiCert (DigiCert Global Root CA) is trusted by Salesforce, but the intermediate (DigiCert SHA2 Secure Server CA) is not.
Would this have an impact on our ability to use the Client Certificate? And is there anything that can be done to make it work?
Best Answer
You need to concatinate two certificates - your signed one and intermediate one. This literatally means opening notepad, copy and paste one cert after another, so you end up with this: