Invalid certificate on mobile, works on desktop

My site is in a shared VPS.

The domain for which I’ve got the let’s encrypt certificate is

Visiting the site from desktop works fine: Chrome 52 @ OS X 10.11.

Visiting the site from mobile doesn’t: Chrome 55 @ Android 6.0.1 (cm 13) complains that the certificate is invalid.

You haven’t included the full chain file in your configuration.

I’m sorry but I have no clue what this means.

Here’s the apache settings:

SSLEngine on
SSLCertificateFile "/etc/letsencrypt/live/"
SSLCertificateKeyFile "/etc/letsencrypt/live/"

Change cert.pem to fullchain.pem

Most likely that fixes it. If you have a much older version of Apache, that won’t work and you need an additional SSLCertificateChainFile configuration pointing to “/etc/letsencrypt/live/”

The extra certificates in these files form a “chain” between your certificate from Let’s Encrypt, and the roots trusted by web browsers. Long ago nobody did this, but these days almost all certificates everywhere use a chain because it controls the risk for the root Certificate Authorities.

When your server doesn’t send a chain, the browser must improvise, so sometimes it will work and sometimes not. So you should always configure the server to send the chained “intermediate” certificates as above.

1 Like

I think you are on apache 2.2.22 so should be

SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/
SSLCertificateChainFile /etc/letsencrypt/live/
SSLCertificateKeyFile /etc/letsencrypt/live/

If you have apache >= 2.4.8 then it's different :wink:


That’s correct, it worked, thanks!


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.