Here are two option how to achieve it - binding it to CSR request or do it manually via .pem format.
A, Go to System > Certificates > Server Certificates > add/create.
B, Select "Request Authority Certificate".
C, Fill in the information then go to the next screen.
C.1 Under the CSR tab, export the CSR and save it.
C.2 Under the Export tab, export the Private Key and save it.
C.3 Click cancel to close the screen.
C.4 Send the CSR to the vendor and obtain the signed cert.
Certification Authority send you signed certificate chains.
1, double-click to CSR request on System > Certificates > Server Certificates tab
2, bind signed certificate and CA certificate which you receive from Sing Authority - if it is a certificate for
primary domain set it as "Default certificate"
3, Restart All Service modules and check Error log for any records
You can do it manually:
1, Use notepad to copy the Private Key, signed cert, and any intermediate certs to a single cert.pem file.
2, Go to System > Certificates > Server Certificates > add/create
3, Select "Add Existing Certificate"
4, Import the cert.pem file from above
5, Back on the Server Certificates screen, select the newly imported cert and set it as the default
6, Restart the services.
7, Check the IceWarp error log for SSL errors.