Install an Origin CA certificate...Apache httpd

While trying to Install an Origin CA certificate at my origin web server which is Apache on Google Cloud Platform.

But the instruction for Apache httpd, which linked to


  1. Log in to your DigiCert account and download the intermediate (DigiCertCA.crt) and your primary certificate ( your_domain_name.crt ) files.

But the file got from Cloudflare is , can anyone help me to clarify the confusion…


You are talking about different certificates here.

Do you want to configure an Origin certificate or Digicert’s?

If you need the Origin certificate’s root certificate, you will find it at

Hi @sandro
Thanks for the quick response.

I had followed the instruction page as you shown,
Step 1. Created an Origin CA certificate, got 2 files… and
Step 2. Install an Origin CA certificate at your origin web server, but here is the confusion…

my origin web server which is Apache on Google Cloud Platform (provided via Bitnami), but if i followed the list of links for Apache httpd, seems is not for me.

Nor should be the Origin certificate’s root certificate, since my previous experience with Let’s Encrypt is storing the server.crt / server.key / server-ca.crt in opt/bitnami/apache2/conf

So, is there any instruction can help me in my use case?


So an Origin certificate it is. In this case you essentially need to follow the instructions at

The configuration for Google does not seem to be covered at that page, however it will be similar to all other server (you need the certificate and the key and possibly the root certificate). For exact steps on how to configure it you best contact Google or consult their documentation.

Hi @sandro

Will it be any difference if I purchase the Dedicated SSL Certificate ?


Dedicated certificates are not for your server but for the proxies.

Hi @sandro

One more question, A green check mark with “Your SSL/TLS encryption mode is Full”, but my site is still showing “not secure”.

Where should I look into…

1 Like

This topic was automatically closed after 30 days. New replies are no longer allowed.