Certificate issue to access https://www.psasltd.co.uk/ website

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: local.napthens.co.uk

I ran this command:N/A

It produced this output: N/A

My web server is (include version): N/A

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):Yes

One of our user is having an issue access this website using Google Chrome - https://www.psasltd.co.uk/
Above website only allow work on Chrome or Firefox. Our end users only have Chrome wb browser but when we trying to access it, this website is Secure but it’s asking for certificate invalid message.

Can someone help to see how to resolve this issue ?


This is the certificate i can see outside on Citrix environment but not within the Citrix environment so i am guessing i have to install it but dont know where to get this cert.

I'm not following.

The website only works on Chrome (and Firefox). And your users have Chrome. I fail to see the problem?

Could you make a screenshot of the problem? I'm also failing to understand this. It's giving an error, but also says the website is secure? A secure website with an error?

certificate screen i have submitted was from out side of Citrix environment. Within the Citrix environment it’s display as below,
image

When i click on to check certificate tab on Chrome it displays as below,

hope this is make sense.

Well, that's not Let's Encrypt now is it. :wink:

From your first post I deduce Napthens is your employer. It seems your companies proxy does a "Man in the Middle", so it can screen all outgoing connections, for example, for virusses or other bad stuff. It could be there's an issue with the acceptance of the companies own certificate, but that's not something related to Let's Encrypt.

The user you've mentioned, is that an employee too?

Also, you haven't addressed my trouble understanding your request.

If i want to download Let’s Encrypt certificate then how do i do that? I like to install it in to our Citrix environment to see if that works or not.

I’m not sure what you mean.

Hi @hirensolanki

there is no general error visible. The site has Grade E - https://check-your-website.server-daten.de/?q=psasltd.co.uk - so both versions (non-www and www) are secure.

But Chrome has two minor errors:

The first is a known problem. Switch to a GCM Cipher suite.

The second problem - same thing. SHA1 is a part of your Cipher Suite.

Ssllabs shows only weak Cipher suites:

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028) ECDH secp521r1 (eq. 15360 bits RSA) FS WEAK 256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027) ECDH secp521r1 (eq. 15360 bits RSA) FS WEAK 128
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) ECDH secp521r1 (eq. 15360 bits RSA) FS WEAK 256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) ECDH secp521r1 (eq. 15360 bits RSA) FS WEAK 128
TLS_RSA_WITH_AES_256_GCM_SHA384 (0x9d) WEAK 256
TLS_RSA_WITH_AES_128_GCM_SHA256 (0x9c) WEAK 128
TLS_RSA_WITH_AES_256_CBC_SHA256 (0x3d) WEAK 256
TLS_RSA_WITH_AES_128_CBC_SHA256 (0x3c) WEAK 128
TLS_RSA_WITH_AES_256_CBC_SHA (0x35) WEAK 256
TLS_RSA_WITH_AES_128_CBC_SHA (0x2f) WEAK 128
1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.