We have installed LetsEncrypt on some domains they all work great on all the browsers, however we have noticed that some older Andriod devices eg. Nokia Lumia 710 we get the “having problems with the site’s security certificate” message is .
“it looks like the security wasn’t issued by a trusted certificate authority”
Anyone else having this issue? or know how we fix it?
are you using fullchain certificate? which shall include LE X3 intermediate signed by DST Root CA X3 ,which should be trusted
What does "older Android device" mean?
You mention “older Android devices” but then give as an example the Nokia Lumia 710, which is a Windows Phone 7 device. So it can be helpful to know exactly which device and operating system you see trouble with.
If the device is old enough that it really doesn’t trust IdenTrust’s roots, which is possible, then there is no way for you to fix this on your servers, users with these devices would need to either override the message for your site, or add the IdenTrust root CAs to their device which is a relatively technical change (not something you would or should ask a normal customer or visitor to do). This would be true for Windows Phone 7 or Windows Phone 7.1 for example.
It’s hard to be sure exactly which versions of Windows Phone work with what because Microsoft has a policy of “tidying up” documents by reformatting and moving them so that even their own search engine can’t find anything. So if you follow a link somebody wrote when Windows Phone 8 was still current it’ll usually just dead end.
On the other hand, for newer devices the problem can be as simple as missing Intermediate certificates. If you’ve used tests like the SSL Labs test, they would highlight this.
Hello Guys many thanks for the replies.
The phone that I see the problem on, is a Nokia Lumia 710 purchased early 2012, it is running software windows phone 7.5.
From the replies I am guessing not really much I can do about it, it is probably a microsoft issue.
Thanks again for your help.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.