Contrary to what you may find on the Internet, the trust chain of ssl certificate is actually from BIG to small.
It may not be matter to some browsers but matters to others. I installed the chain in reverse order but chrome and IE don’t complain. Firefox is more picky.
The merge command line goes like
COMODORSADomainValidationSecureServerCA (intermediate) > COMODORSAAddTrustCA (intermediate) > AddTrustExternalCARoot (root)
Resulting something like