Let's Encrypt cert works in Chrome, pops warning in Safari


Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: www.enmtw.com

I ran this command: certbot --nginx

It produced this output: It succeeded

My web server is (include version): Nginx 1.10.3

The operating system my web server runs on is (include version): Ubuntu 16.04

My hosting provider, if applicable, is: Microsoft Azure

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No

When I visit my site in Chrome, SSL works just fine. In Desktop Safari (mobile works fine), I get a ‘Connection Not Private’ warning. Why is this happening? How do I fix it? God, I hate SSL.


Hi @enmtw,

Your certificate isn’t valid for www.enmtw.com, only for enmtw.com. Chrome has made a questionable decision to ignore this particular error, while other browsers don’t. You can fix the problem by reissuing your certificate and making sure that it covers both names.


Oops. Thanks, trying that now.


When I run certonly, I can enter both domains. When I run the Nginx command, I am only prompted with the enmtw.com domain, not the WWW variant. Not sure what the syntax is to tell Certbot ‘hey, let me punch in my domains’.


From what I see, chrome is not ignoring this, but rather allowed the website redirect to https root domain (which is still questionable…)

I believe for Nginx, it’s asking for vHost profiles right?

You can specify the domains by add flags -d enmtw.com -d www.enmtw.com

Thank you


That did it! Thank you!

Might be a good idea to spell out the -d flag in the --help. It refers to a comma separated list of domains, which did not work.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.