I successfully added https protocol to the website. I can access the page through its public IP address, but sometimes (totally random times), when accessing through its domain, chrome returns “Privacy Error”. I read a similar question and they said it is probably because there is a certificate (chub.gdslab.org), but the server is redirecting to a different page, and for this to work, I need a cert for both names.
Click on the ‘lock’ symbol under the connection tab it says the following:
Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My web server is (include version):
Apache/2.4.41
The operating system my web server runs on is (include version):
Ubuntu 20.04.2 LTS
My hosting provider, if applicable, is:
Oracle OCI
I can login to a root shell on my machine (yes or no, or I don't know):
Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
No
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
certbot 1.12.0
Could you be a little bit clearer about the "sometimes" here—is it at totally random times? Is it when doing a particular action or accessing a particular function or part of the time? Is it when accessing the site from a particular network or device? In general, have you noticed any particular pattern about what triggers the error condition or not?
Thanks! Could you try to gather some more details the next time it happens, maybe? E.g. the address of the page you were on before the error triggered, and a screenshot of the error message in your browser?
I'm guessing it could be that a particular part of the site triggers it (for the reason that the answer to the similar question said), but it may be hard to debug without finding a reproducible example of conditions that cause the problem.
The www version has no A-record, so that's not the problem. There is no mixed content. And the screenshot (created via headless Chrome) has no warning.
Your meta viewport element is buggy, missing closing ". But that's not a certificate problem.
What says "Advanced" in your screenshot?
PS: Is this the main url or an address after a login?
'chub.gdslab.org normally uses encryption to protect your information. When Google Chrome tried to connect to chub.gdslab.org this time, the website sent back unusual and incorrect credentials. This may happen when an attacker is trying to pretend to be chub.gdslab.org, or a Wi-Fi sign-in screen has interrupted the connection. Your information is still secure because Google Chrome stopped the connection before any data was exchanged.
You cannot visit chub.gdslab.org right now because the website sent scrambled credentials that Google Chrome cannot process. Network errors and attacks are usually temporary, so this page will probably work later.'
This is the main URL. I believe the issue is because the technical department here has blocked accessing the page. I have submitted a request to whitelist the URL and I am waiting on their response.