Intermediate certificate

Mike1234 · October 31, 2021, 5:51pm

Hello community,

I have following problem with my Let'sEncrypt certificate and I hope that someone can help me, please.

I created via certbot command below a privatekey and a fullchain.pem certificate on my local machine. Then i upload the files to my hosting providers control panel and install them. Works fine so far.

BUT now i got the feedback the some people are facing a security warning when opening the domain.
I made a check and I found out the there is an issue with the Intermediate certificate.

"The certificate is not trusted in all web browsers. You may need to install an Intermediate/chain certificate to link it to a trusted root certificate."

Can anybody help me and give me some hints (in easy word) how to fix this issue, please.

Thanks in advance.

Domain: www.schusser-oeg.at

I ran this command: sudo certbot certonly --manual --preferred-challenges http -d www.schusser-oeg.at

It produced this output: privatekey.pem, fullchain.pem

My web server is (include version): appache

The operating system my web server runs on is (include version): linux

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): no

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): yes

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 0.31

Osiris · October 31, 2021, 5:57pm

Your site is indeed not sending an intermediate certificate. While fullchain.pem does actually include the entire chain (thus including the intermediate cert), your control panel doesn't seem to be using it. Maybe the "Yes" control panel also offers a separate upload possibility for the chain, separate from the certificate itself?

Mike1234 · October 31, 2021, 6:49pm

Hi,
oh... its not a "Yes" panel. It is a panel from A1 provider.
On that panel there is the section to upload the fullchan.pem and the privatekey.pem.

There is one button to install new Certificate and another button to install new CA-Certificate.
I always use the Install new Certificate Button. More SSL related options I cannot find. I dont know what CA means.

Do you think I should use the CA Button to install the certificate?
Or do you have any other hints?

thanks!

rg305 · October 31, 2021, 6:59pm

Hi @Mike1234 and welcome to the LE community forum

You should ask the provider of that panel.
[I don't think anyone here would know better]

Mike1234 · October 31, 2021, 7:02pm

Ok thanks. I will contact my provider.

Osiris · October 31, 2021, 7:02pm

You might need to:

Upload cert.pem using "Install new Certificate" and;
Upload chain.pem using "Install new CA-Certificate".

But that's just a wild guess.

system · November 30, 2021, 7:03pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Intermediate/chain certificate Error Help	8	9558	June 25, 2017
Where can I find the Intermediate certificate Help	14	5146	August 16, 2023
Fullchain.pem contains an invalid Intermediate Help	3	820	October 13, 2022
Incomplete, Extra intermediate chain certificate Help	10	2478	January 29, 2021
Certbot certificate not secure Help	6	1121	January 17, 2023

Intermediate certificate

Related Topics