Chrome, Firefox non valid certificates

Thanks. That was a bug, is now fixed. No preferred version www or non-www or more then one https - result with http status 200 -> C. You should have one preferred version (www or non-www), then add a redirect non-preferred -> preferred version.

PS: If this is your first certificate, B is ok.

A requires Http Strict Transport Security. This is an excellent feature - but requires a correct certificate.

Mmmmm was a A before. I do that the chain and the key but still say that.

No in C :frowning: but with 2 error

In this Page now I have A+

This is good, you have fixed your incomplete chain. But ssllabs says:

Certificates provided 3 (3990 bytes)
Chain issues Incorrect order, Extra certs

so it looks you send the intermediate certificate two times.

You don't have a preferred version. One of

should be preferred, so add a redirect from the other domain to your preferred domain with http status 301.

PS: The preload directive is irrelevant if you don't add your site to Googles Preload-list. And preload is only possible for your main domain -


PS: Checked with my own domain (without error).

Certificates provided 2 (2590 bytes)
Chain issues None

2, not 3.

Thanks… I Fixed the chain issues

Additional Certificates (if supplied)
Certificates provided 2 (2582 bytes)
Chain issues None

I will try make 1 preferred version.

Thank You…

Can you give me the link to add the main domain.


The link is already posted:

But Google has problems to understand your main domain:

We cannot connect to using TLS ("Get net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)").

Oh Sorry, I thinked was other URL.

Thanks. Yeap main domain is in wordpress also different server without HTTPS, I Will put letsencrypt again, because before have issue with the updating certs.

Then you shouldn't add a HSTS header. HSTS is ok, if you are sure you will always have a valide certificate. Same with every subdomain.

With HSTS, users can't create a certificate exception if the certificate is invalide (expired).

And preload requires correct redirects http -> https.

Ok Thank you, For your help.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.