Chrome on mobile shows "Your connection is not private" although on desktop the site works fine

I tried to open my website on mobile Chrome and the dreadful red triangle appeared with the warning that the site was not secured. While I always check on desktop, it works like a charm.
I am using Hestia CP, which automatically installs Let's Encrypt on domains and renews them.
Even then I uninstalled and reinstalled the certificate, but the issue remains consistent on mobile. This is a new issue; earlier this never occurred on desktop or mobile.

My domain is: bestsprinklersystems.com

I ran this command: bestsprinklersystems.com

It produced this output: your connection is not private

My web server is (include version): chrome mobile 106.0.5249.126

The operating system my web server runs on is (include version): don't know

My hosting provider, if applicable, is: Racknerd

I can login to a root shell on my machine (yes or no, or I don't know): I don't know

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): hestia

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): unaware

Which OS is the mobile phone running on? An Android version before 7.1.1 perhaps?

Have you changed any of your security products on that phone? If you click that red icon what other details does it show?

I am wondering if there is some antivirus / firewall interfering with your connection.

When you say this never occurred on mobile do you mean specifically this phone? Because I don't see any major change to your certs from the most recent to your prior certs.

Your version of Chrome is from a couple of years ago, why is that?

The device is old, I'm not sure about the Chrome version. I just shared what was on the phone.

If the device can't connect to https://valid-isrgrootx1.letsencrypt.org/, then it's also not going to be able to connect to any other web site that uses Let's Encrypt's certs, at least not without adding the root to the device.

I was using a fairly modern phone... The current device I'm using is temporary since my regular device is under repair. My concern is that anyone using an old Android should not have to see that dreaded red triangle. Since I started using this older device I realised that there can be this issue.

It's Android 6 apparently.

It returns the same error "your connection is not private" with a big red danger triangle.

Android 6 does not come with the "ISRG Root X1" root certificate which is used by Let's Encrypt. If you need to visit sites encrypted by Let's Encrypt certificates, you should import the "ISRG Root X1" root certificate, which can be found at Chains of Trust - Let's Encrypt (under "Certificate details (self-signed): crt.sh, der, pem, txt", you probably need the PEM file for Android I think), into your Android operating system.

@SusanB please also see Certificate Compatibility - Let's Encrypt

Also see this about the recent change which shortened the chain and lost some older Android compatibility. One suggestion for older Android is to use Firefox Mobile which should work instead of Chrome.

And if you need your site to have TLS work by default on devices that no longer get security updates, then you may want to look at some alternative CAs. But many sites on the web would not work on those devices, not just yours. (And of course, on devices that don't get security updates, even if you communicate over TLS there shouldn't be any expectation that the communication is actually "secured".)
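The diagnosis reached in this thread (Android before 7.1.1 does not ship "ISRG Root X1") can be checked from the server side. The following is an added example, not code from any poster or from Let's Encrypt: it parses the "Certificate chain" section of `openssl s_client -showcerts` output, finds the root the chain depends on, and compares it with a stock Android version. The sample output, the host name `example.com`, the intermediate name, and all function names are constructed for illustration.

```python
import re

# Constructed sample of the "Certificate chain" section printed by
# `openssl s_client -connect host:443 -showcerts` (names are illustrative).
SAMPLE_S_CLIENT = """\
Certificate chain
 0 s:CN = example.com
   i:C = US, O = Let's Encrypt, CN = R11
 1 s:C = US, O = Let's Encrypt, CN = R11
   i:C = US, O = Internet Security Research Group, CN = ISRG Root X1
---
"""

# First stock Android release shipping each root. Per this thread, versions
# before 7.1.1 lack ISRG Root X1. User-imported roots are not modelled.
ROOT_ADDED_IN = {"ISRG Root X1": (7, 1, 1)}

def _cn(dn):
    """Extract the CN from an OpenSSL DN ("CN = x" or legacy "/CN=x" form)."""
    m = re.search(r"CN\s*=\s*([^,/\n]+)", dn)
    return m.group(1).strip() if m else None

def parse_chain(s_client_text):
    """Return [(subject_cn, issuer_cn), ...] in the order the server sent them."""
    chain, subject = [], None
    for line in s_client_text.splitlines():
        line = line.strip()
        m = re.match(r"\d+\s+s:(.*)", line)
        if m:
            subject = _cn(m.group(1))
        elif line.startswith("i:") and subject is not None:
            chain.append((subject, _cn(line[2:])))
            subject = None
        elif line.startswith("---") and chain:
            break  # end of the chain section
    return chain

def trust_anchor_needed(chain):
    """The issuer of the last certificate sent is the root the client must hold."""
    if not chain:
        raise ValueError("no certificates found in s_client output")
    return chain[-1][1]

def android_trusts(root_cn, android_version):
    """True/False when known; None if this table has no data for the root."""
    added = ROOT_ADDED_IN.get(root_cn)
    have = tuple(int(p) for p in android_version.split("."))
    return None if added is None else have >= added
```

For the constructed chain above, `android_trusts(trust_anchor_needed(parse_chain(SAMPLE_S_CLIENT)), "6.0")` returns `False`, matching the error seen on the Android 6 device.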
