To truly understand SSL certificates and what an SSL certificate chain is, you need at least a rudimentary knowledge of public key infrastructure (PKI). PKI is a system of certificate authorities (CAs), root programs, and digital certificates. PKI is the trust model that undergirds SSL/TLS.
Comodo CA Bundle / Certificate Chain
Building the correct Comodo certificate chain is easy
Let’s talk about certificate chaining. The way trust works with relation to SSL is that the browsers are pretty much hard-coded to trust a handful of root certificates. The trusted roots come pre-installed in browsers’ trust stores. A trust store is a carefully curated collection of Roots that all of the trusted Certificate Authorities issue from. In order for an end user SSL certificate to be trusted, it has to chain back to one of those trusted roots. If it doesn’t the browser will issue a warning about the certificate in question.