Firewall throws an INVALID CERTIFICATE using Let's Encrypt

Hi Friends,

This morning I go to one university in my city, all was great before I enter to my website ( and noticed that I get INVALID CERTIFICATE error in the browser, I cannot believed.

I go to the properties of the certificate (using the browser) and I can see that it is issued by Fortigate CA (before Let’s Encrypt).

Now I’m in my home, and I enter the website again and noticed the CERTIFICATE is working (secure) (signed by Let’s Encrypt). So, what is the problem? the network, the firewall of the network, the certificate? please help and what can I do?


Hi @genialjacob,

The problem is that the certificate only covers, not These are not interchangeable; they’re considered distinct domain names by browsers and certificate authorities.

You might not notice this problem if you only use Google Chrome, because they have created a workaround where the browser will automatically try a variant of the address if it notices the problem. Nonetheless, it is an invalid configuration. You should repeat the process that you used to obtain the certificate and include both forms of the domain name.

1 Like

I don’t know… really I believe is the firewall of the university, because if you type: the website automatically redirects to and the certificate works fine in my home…

First, the redirect happens after the initial connection, so you really should issue a certificate for both names.

Second, that Fortigate certificate sounds to me as though your university is doing one of two things: 1) Inspecting all traffic on their network by man-in-the-middling any connections or 2) blocking your website with some form of content/DNS filter and redirecting you to a page informing you that the connection to this website was blocked. You’d need to click through the warning and see what is presented to determine which is actually happening.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.