Install letsencrypt ssl on SmarterAsp hosted site


Please fill out the fields below so we can help you better.

My domain is:

I ran this command:

  1. certbox-auto certonly --manual
    completed all stages, got 4 files: cert.pem, chain.pem,fullchain.pem,privkey.pem
  2. I am following suggestion
    openssl pkcs12 -export -out certificate.pfx -inkey privkey.pem -in cert.pem -certfile chain.pem
    (noticed that it isn’t referring to fullchain.pem)
    3.loaded it to my site on SmarterAsp
  3. the site work fine on desktop but not on android
    5 checked with :
    and got an error:
    The certificate is not trusted in all web browsers. You may need to install an Intermediate/chain certificate to link it to a trusted root certificate.

how can i fix it?

It produced this output:

My operating system is (include version):
My web server is (include version):
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don’t know):


Did you run that openssl pkcs12 command from the right directory? Because your server is sending an intermediate certificate, but it’s an old one: Let's Encrypt Authority X1.

Currently, Let’s Encrypt is using Let's Encrypt Authority X3. Subtle difference (1 -> 3), but very important.

So the question is: where did the chain.pem used by you for your openssl pkcs12 command come from? Did you run it from the /etc/letsencrypt/ directory?

Although it could also be an IIS problem. I can remember trouble with the intermediate certificates and IIS. But I don’t know any more than that, you should be able to find more on this forum about it.


Hi @MosheLevi,

As @Osiris commented:

It could be a cache problem on IIS, take a look to this thread IIS 8.5 building incorrect chain with Lets Encrypt Authority X3



Based on your advice, I asked smarterASP to remove Let’s Encrypt Authority X1 from the server Certificate Store
this solved the problem


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.