Renew certificates manually and verify chain elements

Order of the certificate chain is: CERT - CACERT - CACERT_ROOT

# Verify your cert element (or part) from the command line:
#  (write EOLS to execute command)
cat <<EOLS |openssl x509 -text -noout -in /dev/stdin | less