HTTPS is working, but Certificate not trusted? Using Windows Server 2012 R2


#1

I’ve been trying to get the free LetsEncrypt SSL certificate to work with IIS on Windows Server 2012 R2.

I went through the ACMESharp github tutorial ( https://github.com/ebekker/ACMESHarp/wiki/Example-Usage and https://www.youtube.com/watch?v=SVUY7ygbGm8 ) and got everything to work without errors on Powershell.

When I load the website in HTTPS, it works, but the browser complains about how it’s not completely trusted. http://i.imgur.com/08hGUxI.png

Please let me know if you have any ideas as to what’s going wrong. When I look at the Server Certificates in IIS, it looks good: Issued To (my domain), Issued By Let’s Encrypt Authority X1, Expires May 2016, Certificate Hash (redacted), Certificate Store (personal)

The URL I used when signing up for LetsEncrypt was: https://acme-v01.api.letsencrypt.org/


#2

Your site loads parts of the page (such as CSS, pictures, etc) over plain http. Such practice is called mixed content. You must load everything over a secure connection in order to eliminate this. There are ways to figure out what content that is, for example Security tab in Chrome Dev Tools.