What is the correct order of certificates when sending intermediate certificates?
Should I add the root certificate to be sent by the server?
The Certificate message is typically used to carry the server’s X.509 certificate chain. Certificates are provided one after another, in ASN.1 DER encoding. The main certificate must be sent first, with all of the intermediary certificates following in the correct order. The root can and should be omitted, because it serves no purpose in this context.