A Valid SSL certificate is not valid in lower versions of CHrome

Hi,

Domain name is https://www.jamuntree.co.in/ . This SSL is working in the most browsers but our client is using the lower versions of browser, and it is not working. The certificate is in the validity. Please have a look. I am attaching the screenshot

I don't have time too look it but server is sending long chain,
https://www.ssllabs.com/ssltest/analyze.html?d=www.jamuntree.co.in

chrome uses os cert store yet so it will use win 7 store

2 Likes

Try switching to the shorter/alternate chain OR switching to another CA.

1 Like

It's probably not that it's an older Chrome, but that it's an older operating system (as that looks like Windows 7). Chrome just uses the operating system's trust store. In theory the trust store is supposed to get updated automatically from Windows Updates, but in practice it seems there are a lot that have that turned off for one reason or another.

There some info from other people trying to connect to Let's Encrypt-secured sites using Windows 7 in this thread, and I think the main recommendation is to install this update:

https://support.microsoft.com/en-us/topic/support-for-urgent-trusted-root-updates-for-windows-root-certificate-program-in-windows-a4ac4d6c-7c62-3b6e-dfd2-377982bf3ea5

But of course, even if that gets the system able to connect, as Windows 7 doesn't get security patches anymore one should be aware that even if one has a "secure" connection to a web server, it is still quite possible for the system itself to get compromised and it shouldn't be used for anything where one actually cares about security.

5 Likes