Browser gives error, can't find why

Hello everyone,

I use Certbot since 2017 without issues, but yesterday one of my new customers noticed a certificate error on my website

Here is the screenshot he has taken (on Win10 Edge):


I can’t reproduce the error on any device. and the test gives an A+ grade.

After that I made him test other websites on his browser:

He said the error also appears on Chrome, Firefox, IE.
The “invalid CA/CN” error should be detected by the tests, and I don’t see any problem here.

What is going on? I don’t know where to start, any idea of the error?
Thank you very much

My domain is:
My web server is (include version): nginx/1.11.9
The operating system my web server runs on is (include version): Debian8
My hosting provider, if applicable, is: self hosted
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): 0.34.2

Hi @nicomollet

I don’t see a problem -

The site has a Grade E - not perfect, but the certificates are correct:

The certificate is good:
expires in 53 days, - 2 entries

there is no chain error

Chain (complete)	
	2	CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US

and no mixed content warnings.

Looks like your customer uses a firewall or an anti-virus-software, that creates an own, self signed certificate. That’s a man in the middle. Perhaps Letsencrypt is defined as exception.

What’s the Certificate Authority of that certificate in the screenshot?

Hello @JuergenAuer

Thanks a lot for your help.

I managed to get the certificate viewed by my customer.
It sees “”, FYI it is a website I also own and have a Letsencrypt cerificate and is on the same webserver, with same IP.

The CA is Cyberoam, which is unknown to me, looks like a firewall technology.

How can the firewall interfere with my certificate?
Thank you

1 Like

That’s not from Letsencrypt. Check the third tab.

Should look like


So it’s a special problem of that customer, not a general problem of your domain.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.