On my desktop the website and SSL works correctly, but on my laptop it doesn't — other users have also reported that it is not working for them — and the site is saying insecure and unable to view the page.
I ran the site on SSL SHOPPER and got:
The certificate is not trusted in all web browsers. You may need to install an Intermediate/chain certificate to link it to a trusted root certificate. Learn more about this error. The fastest way to fix this problem is to contact your SSL provider.
I am on AWS Lightsail.
Can anyone help me fix this issue? I was on chat with AWS for several hours and they could not help.
Could you perhaps elaborate more on that? Which ACME client? What command? What was the output? Which webserver? How did you install the certificate issued with the ACME client in said webserver?
We tried to renew the SSL certificate using /opt/bitnami/bncert-tool. However it was failed to renew the SSL certificate as the apache configuration was modified/customized manually or the SSL certificate was generated and installed manually previously.
Then we tried to generate a new SSL certificate using certbot command after stopping the apache service temporarily:
Also we created a symbolic link to the newly generated SSL certificate. So it is not necessary to edit apache virtual host configuration when you renew the SSL certificate using certbot later.
Edit your apache configuration to point to the fullchain.pem file as mentioned aby @Osiris - the issue is that your certificate chain served by apache does not include the R3 intermediate certificate, which it normally would.
A link was made to the certificate, but it was pointing to cert.pem instead of fullchain.pem — on some browsers/systems it was happy to secure with just cert.pem, but others were not. Pointing to fullchain.pem fixed this issue for all.
Ah, I see. Thanks @tar_mack keeping track of the pieces can be difficult. See others experiences helps me like when I do code reviews it help me code better in the future.