Don't work on chrome 58 dev (newbie)


#1

My website ( https://www.trombipro.com ) is ok on firefox,and normal chrome, but show as a pirate website in chrome dev ? I get this : NET::ERR_CERT_AUTHORITY_INVALID
My mistake or a bug ?


Website is showing 'your connection to this site is not secure.'
#2

this error is usually to do with the fact you are not serving up the intermediate certificates

Firefox I believe includes LetsEncrypt

https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/

google i think expects the server to server the intermediate certificate

SSL Labs confirms you have chain issues

https://www.ssllabs.com/ssltest/analyze.html?d=www.trombipro.com

you are also using a startcom certificate so it’s a little cheeky coming and asking for help on this forum :wink:

best to ask startcom what intermediates you need to have a chain of trust :smiley:


#3

thanks i will try it,but i say,i am very newbie :smiley: i checked on letsmonitor.com and all was okay …


#4

yeah it’s a little weird

you are not using HSTS or anything else

it worked in chrome 56 with no issues then with chrome 57 it doesn’t work

SSLLabs seems to be happy with the CA status so the only thing I can think of is google doesn’t trust the CA anymore (which is unusual)

log a case with startcom to see if they know anything


#5

the new chrome also seems to be happy with letsencrypt certificates so that does narrow it down to the CA a bit more


#6

I’m indeed wondering why someone would ask for help about a StartCom certificate on the Let’s Encrypt community :scream:

Perhaps @fabifabi isn’t aware of the specific nature of this community… :slight_smile:

If @fabifabi wants to get rid of his StartCom certificate and tries to install a Let’s Encrypt certificate, he’s obviously welcome here :wink:


#7

It’s unusual, but I believe it’s the correct explanation here:


#8

thanks @schoen and @Osiris

@fabifabi - looks like it’s time to swap to letsencrypt :smiley:

Andrei


#9

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.