hi everyone, i just need some help because i am not techy and i don't know how to solve this issue. we can't post our wordpress content because the featured image of our content is not showing up even our SSL is valid.
The website for that hostname does not send the intermediate certificate, thus resulting in an incomplete chain which is a reason for some chain validators to mark it as invalid.
You need to make sure that somehow the full chain is used. How? I dunno, I've never heard of the webserver "box2187" and neither does Google. And the fact cPanel is also used makes this outside of my comfort zone.
Maybe you can tell us how you got and installed the certificate in the first place?
Technically: no. There is technically no difference between a free Let's Encrypt certificate (and chain) or a certificate which costs you , which also has a certificate chain needing to be installed. (The term "premium SSL" does not make any sense IMO, unless someone thinks something is premium just if you pay big bucks for it. A DV certificate is a DV certificate, whether it's free or not.)
However, Bluehost might have different ways of handling a free certificate compared to a purchased certificate. While it should be no issue what so ever to install a free certificate properly (including the chain), it might be that Bluehost somehow installs purchased certificates differently with the correct chain at the first try. But there's (from my point of view, technically) no certainty about that.
I would not recommend you to purchase a certificate for such a TRIVIAL thing as a certificate chain. This is simply something Bluehost should get right the first time. Many other hosting providers provide Let's Encrypt certificates absolutely free automatically, i.e. without the customer having to push any button. The fact Bluehost makes you press a button to get a free certificate (from what I saw on their website) is abominal enough.
By the way, please make sure of the quote feature of this forum software instead of pasting an image of the text.
Speak to Imperva, it's their certificate configuration that's wrong and you are probably paying for their service. Your site's IP address is owned by them. Other sites on the same IP address have a special certificate (from GlobaSign) that includes imperva.com
Do you perhaps have an Imperva control panel with them where you regularly upload the cert you want to use? If so, try uploading the fullchain.pem version of your certificate file.
What is the exact symptom of this? Because I agree with the other volunteers your domain does not send the full chain of certs. But, you also have an Imperva (Incapsula) firewall that blocks bots and such.
I wonder if what you are seeing is the result of this firewall blocking those sites like below:
Or, maybe this firewall needs to also have the full chain of certs added?
Our website is working fine, but posting on social media like FB and twitter, they don't recognize our SSL. and i am sorry to say, i don't know about the Imperva, we're just using Bluehost and no knowledge about it.
btw, Bluehost told me that our IP address is not pointing to them and it's pointing to Sitelock a
Do you control your DNS records? You can point them wherever you desire.
But please note: somebody in your organisation, or some vendor you delegated DNS management to, at some point in the past, decided to point your A record there. It might even be a typo, a digit swap, or something like that. But you should find out before changing the record.