Resolution:
Description  :  
=========
Follow the procedure outlined below after using OpenSSL to create a CSR (Certificate Signing Request), and having the CSR signed by the user's Certificate Authority.

Environment :
==========
All

Resolution:  
=========
For this example, we will assume the following filenames:

- Root CA Cert File                      = root-ca.cer
- Intermediate CA Cert File          = int-ca.cer
- Leaf Cert(Got signed from CA) = leaf.cer
- Private Key                                 = key.pem

The steps used to combine these certificates are:
            
Step - 1:  Create a new file (example: FullCA.cer) and paste the content of int-ca.cer at the top and root-ca.cer at bottom of the file. If the user has more than one intermediate CA they can paste them all in this file, keeping the root certificiate after the intermediate certificates(s).
          
Step - 2: Run the following OpenSSL command:

openssl pkcs12 -export -in leaf.cer -inkey key.pem -out FullIdentity.pfx -certfile FullCA.cer
            
This will create the file FullIdentity.pfx, which contains the whole identity including the complete certificate chain.

The FullIdentity.pfx file can be directly loaded into any application (such as TIBCO BusinessConnect) because it now contains the complete certificate chain.
            
References:            
The OpenSSl utility can be downloaded from http://www.openssl.org