What is, and how do I acquire, the “Entire Certificate Chain”?
The entire certificate chain refers to each certificate from the root CA certificate, each intermediate certificate, and the issued certificate presented for an SSL negotiation. The entire chain could consist of 1 to n certificates, where 1 would be a self-signed (self-issued) certificate. A previsous FAQ describes a simple way to check that an LDAPS certificate is installed, but you can also view and export the entire certificate chain by logging onto your Domain Controller and doing the following: 1. Start Microsoft Management Console (MMC). 2. Add the Certificates snap-in that manages certificates on the local computer. 3. Expand Certificates (Local Computer), expand Personal, and then expand Certificates. If there is a certificate listed, you can double click it and go to the Certification Path tab to view the entire certificate chain. You can then save each certificate to a file by clicking each one in the chain, clicking View Certificate, then click the Details tab, and Copy to F
