Install letsencrypt ssl on SmarterAsp hosted site

Please fill out the fields below so we can help you better.

My domain is:

I ran this command:

  1. certbox-auto certonly --manual
    completed all stages, got 4 files: cert.pem, chain.pem,fullchain.pem,privkey.pem
  2. I am following suggestion
    openssl pkcs12 -export -out certificate.pfx -inkey privkey.pem -in cert.pem -certfile chain.pem
    (noticed that it isn’t referring to fullchain.pem)
    3.loaded it to my site on SmarterAsp
  3. the site work fine on desktop but not on android
    5 checked with :
    and got an error:
    The certificate is not trusted in all web browsers. You may need to install an Intermediate/chain certificate to link it to a trusted root certificate.

how can i fix it?

It produced this output:

My operating system is (include version):
My web server is (include version):
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don’t know):

Did you run that openssl pkcs12 command from the right directory? Because your server is sending an intermediate certificate, but it’s an old one: Let's Encrypt Authority X1.

Currently, Let’s Encrypt is using Let's Encrypt Authority X3. Subtle difference (1 -> 3), but very important.

So the question is: where did the chain.pem used by you for your openssl pkcs12 command come from? Did you run it from the /etc/letsencrypt/ directory?

Although it could also be an IIS problem. I can remember trouble with the intermediate certificates and IIS. But I don’t know any more than that, you should be able to find more on this forum about it.

1 Like

Hi @MosheLevi,

As @Osiris commented:

It could be a cache problem on IIS, take a look to this thread IIS 8.5 building incorrect chain with Lets Encrypt Authority X3 - #84 by Knagis



Based on your advice, I asked smarterASP to remove Let’s Encrypt Authority X1 from the server Certificate Store
this solved the problem

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.