- apache: 证书本体和chain可以分开，所以直接在httpd.conf设置 SSLCertificateChainFile即可。
- nginx: 证书本体与chain必须合体。根据nginx wiki原话:
if you have a chain of certificates — by having intermediate certificates between the server certificate and the CA root certificate — they’re not specified separately like you would do for Apache. Instead you’ll need to concatenate all the certificates, starting with the server certificate, and going deeper in the chain running through all the intermediate certificates. This can be done with “cat chain.crt >> mysite.com.crt” on the command line.