# Install of existing wildcard certificate

First of all, stop the suite using:

`/opt/src/DD# ./dd-ctl down`

To make certificate compatible with DD, you need to merge the fullchain with the private key of the certificate, the best way of doing this is concatenating two files in a new one:

`/tmp/certificatw# cat fullchain.pem cert.key > /opt/DD/src/haproxy/certs/chain.pem`

The fullchain.pem file must contain all the certificate chain, cert.key is the private key, it needs to end up something like this:

```
> cat /opt/DD/src/haproxy/certs/chain.pem
-----BEGIN CERTIFICATE-----
YDC ...
...
... PnQP
-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----
5dSf ...
...
... Hwgs
-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----
sI3q ...
...
... vZas
-----END CERTIFICATE-----

-----BEGIN RSA PRIVATE KEY-----
vzKJ ...
...
... 2dLs
-----END RSA PRIVATE KEY-----
```

Review the route where you created the new file chain.pem, it must be in /opt/DD/src/haproxy/certs

Once this is done restart the suite:

`/opt/src/DD# ./dd-ctl up`

Domain certificate must work then.