Facebook debugger returns Can't validate SSL Certificate

Help
1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: alivereportsmag.com

I ran this command: Sharing Debugger - Meta for Developers

It produced this output: Can't validate SSL Certificate. Either it is self-signed (which will cause browser warnings) or it is invalid.

My web server is (include version): sorry, I don't know

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is: BLUEHOST

I can login to a root shell on my machine (yes or no, or I don't know): I don't know

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): it's via the BLUEHOST CP (https://cpanel-box5206.bluehost.com)

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): sorry again, I don't know

The certificates are re-installed properly, and valid.
Thanks for any help.

1 Like
3

Hi @Jo71, and welcome to the LE community forum :slight_smile:

The site resolves to multiple IPs.
Both of which present a cert [via port 443] that covers the name mentioned.
See: SSL Server Test: alivereportsmag.com (Powered by Qualys SSL Labs)

Not exactly.
It fails to provide the required chain:
image
Which cert files did you use?

5 Likes
4

Thank you @rg305 for trying to help me. Unfortunately, I don't have any IT background, so it might be difficult for me to understand your guidance :frowning:
I used the certificates generated via the host's control panel, installed them and retrieved them the same way. What information shall I provided for you to help me?

1 Like
5

You're going to need to give more details on exactly what you have access to in that control panel, and what you did to have it make a certificate. The short of it is that you need to install a "full chain", of not just your certificate but information (the "intermediate" certificates) about how to validate that your certificate is actually issued by Let's Encrypt's servers, but your server is only sending just your certificate.

Ideally, with any sort of control panel, the control panel just handles everything automatically so you never need to "install" anything and it just requests the certificates and chain from a CA itself and installs them where it needs to. If your hosting solution isn't set up to do that, it may be that you'll need help from them to have your site work properly.

5 Likes
7

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.