Certificate chain not valid

Hello. I am trying to make sure I have my website set up with proper chaining in the certificates (and to make my certificate vendor signed if possible) so I can pass some PCI requirements. The website gleneccles.com that I am using below is a guinea pig for my real website that I am trying to work with. I have ru nout of steam Googling answers so I come to the experts for some advice.

My domain is: gleneccles.com

I ran this command: I an using the keyvault-acmebot Azure Function. I went through the documentation and am successfully issuing certs. It is going pretty well, but I am stumped. This is what I followed: Getting Started · shibayan/keyvault-acmebot Wiki · GitHub.

It produced this output: SSL Certificate Checker - This site says it is not vendor signed. And the chain certs are missing. Do I need to import the ISRG Root X1 pem into Azure somehow? i attempted to import it and it says it is not a valid pem format which is odd.

My web server is (include version): I use an Azure App Service. Not sure what is needed by version.

The operating system my web server runs on is (include version): Not sure what is needed by version. I can dig in to try to find it if necessary.

My hosting provider, if applicable, is: My domain is purchased through GoDaddy, but the DNS is managed through Azure.

I can login to a root shell on my machine (yes or no, or I don't know): I am not using any CLI. I have used the function up until this point.

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): I am using the dashboard provided by keyvault-acmebot.

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

Hello @gleneccles, welcome to the Let's Encrypt community. :slightly_smiling_face:

Please read the following Topics on this forum


There is nothing wrong with your cert and chain. There is something wrong with that website you used to test it.

A better SSL Checker says it is fine (link here)

SSL Labs is another popular test site and it shows it fine too.


Thank you guys for the help. I did see some other checkers that said it was all good. I appreciate the input!


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.