LE Certificate Error (Firefox only)


#1

Hi all,

Have you ever encountered that LE certificate has problem with firefox browser? it encounters

This Connection is Untrusted

You have asked Firefox to connect securely to $domain.com, but we can’t confirm that your connection is secure.

Normally, when you try to connect securely, sites will present trusted identification to prove that you are going to the right place. However, this site’s identity can’t be verified.
What Should I Do?

If you usually connect to this site without problems, this error could mean that someone is trying to impersonate the site, and you shouldn’t continue.

But in Google chrome and Internet Explore my LE SSL certificate works OK. Thanks again!

:wink:


#2

Make sure your web server is serving the intermediate certificate (i.e. use fullchain.pem or chain.pem in your configuration, depending on your web server software).

It’s possible that Chrome/IE has previously seen and cached the intermediate certificate from some other site using Let’s Encrypt, while Firefox hasn’t.

You can check for chain issues through SSL Labs.


#3

Hi pfg,

I used this configuration in my running web server, specifically nginx. Ok Thanks for the advise again

ssl on;
ssl_certificate /etc/letsencrypt/live/$domain/cert.pem;
ssl_certificate_key /etc/letsencrypt/live/$domain/privkey.pem;


#4

This should be:

ssl_certificate /etc/letsencrypt/live/$domain/fullchain.pem;

Take a look at the Mozilla SSL configuration generator for other things you might want to add.


#5

Great Its working now. Thanks again PFG !!! :grin: