Cert not trusted

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:aewa.org

I ran this command: https://www.sslchecker.com

It produced this output: SSL is not trusted

My web server is (include version): Apache/2.4.37 (Rocky Linux)

The operating system my web server runs on is (include version): Rocky 8 (Linux)

My hosting provider, if applicable, is: Google WS

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.22.0

I am not sure why that site reports the failure.

But, it is a bug with that sslchecker site.

Try using it to test letsencrypt.org which is the main website for Let's Encrypt. It fails the same.

We usually use SSL Labs or this SSL Checker and both report good results

See: SSL Server Test: aewa.org (Powered by Qualys SSL Labs)

Or: SSL Checker

Using openssl from my own test server also shows a valid cert and chain.

You should ignore that site's results. They are probably looking for specific intermediate (chain) certificates that have been obsolete for a long time (R3 specifically). It looks like they also don't tend to their own site very well. This is on their home page:

image2811×375 43.8 KB

OK, Thanks, I'll ignore it. I just now tried https://www.ssllabs.com and it came back all OK.