Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: www.fish4flies.com
I ran this command:
It produced this output:
My web server is (include version): IIS7
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is: Windows Server 2016
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): win-acme v2.1.18.1119.x64
I have just recovered from a server failure, which I ended up having to rebuild the OS; and am struggling with a Chain issue. I`m not sure if I need to install an intermediate certificate on the server to support this?
I have tested this domain (it effects all domains on the server) here, and it shows that the chain is missing:
http://www.sslchecker.com/sslchecker?su=21e5f43d66cdbd828a22278f8da808cd
I have followed the installation instructions of win-acme, which is basically save to a folder and run. From here I have reissued all certificates on the IIS server.
The certificates show fine on desktop, but when I check on my mobile this morning (andriod/chrome), it comes up with ERR_CERT_AUTHORITY_INVALID.
The LetsEncrypt site doesnt suggest that I need to install any intermediary certificates installed, but it doesnt look like I have a Lets Encrypt in the TrustedAuthority on the server; I attempted to install the Let’s Encrypt R3, but it doesn`t seem to have appeared in the list after it said it was successful.
Any guidance on how to fix the chain issue would be appreciated.
