Main Content


File containing the server certificate chain


--x509-cert-chain path


x509-cert-chain specifies the server certificate chain file. It contains one or more PEM-format certificates. The chain begins with the server certificate. The server certificate is followed by a chain of untrusted certificates. To use the certificate chain file, specify the x509-private-key.

Starting in R2019b, if https is enabled on the server, you must set the x509-cert-chain and x509-cert-chain properties; otherwise, the server fails to start.


Do not specify trusted certificates in the certificate chain file.



Path to the certificate chain file. Relative and absolute paths are valid.


  • For on-premises server instances created using the command line, update this server configuration property in the main_config server configuration file.

  • For on-premises server instances created using the dashboard and for server deployments in the cloud, use the dashboard and cloud dashboard, respectively, to update the server configuration property.

Configure Using Command Line

In the main_config file, set the x509-cert-chain property to the following:

The instance loads the certificate chain from cert_chain.pem which is located at instance_root/x509.

--x509-cert-chain ./x509/cert_chain.pem

Configure Using Dashboard

In the dashboard, in the Settings tab of your server instance, under SSL, enter the following for the X509 Certificate Chain property: