Lets Encrypt does not work on Android browsers


#1

Hello!

I have installed Lets Encrypt on Plesk 17. It runs Apache 2.4.
The problem is that my webpage does not work with the Lets Encrypt certificate on Android browsers. I have found a solution, but I do not know how I have to make the solution. What do I need to do to make my website work on Android with https?

regards

Crafterman1995


#2

What’s your domain name ? I’m guessing you probably didn’t include in the CA intermediate cert into your config.


#3

minefreaks.de
What config do you mean?
I had installed Lets Encript on plesk , not on a other way.


#4

Your site is working fine on my android browser.

What error are you getting ?

I did find one which gave an error “ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY” This is nothing to do with the certificate, rather the server configuration you have. Is this on a shared server ? or do you have root access ?


#5

I habe root access.
ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY is the error in my Browser. Its the Browser on Android with the world globe on it.


#6

The good news is this is not related to the certificate from Let’s Encrypt - its the configuration on your server.

I don’t use plesk, let me see what I can find to change the configuration in the right way. (or if someone else knows, they can reply here )


#7

Thank you!

Do you speak german?


#8


I found this but i does not work


#9

That link is to a different error.

I can understand basic german - but can’t write it. I can order a beer or meal - the important things :wink:

Does your nginx (I think you are using nginx, correct me if I’m wrong) have “listen 443 ssl spdy;” in the config. If so, could you try just temporarily removing the “spdy” and restarting nginx and testing ?


#10

I use apache but nginx works also.
Where can i find the spdy?


#11

Interesting, your site responds saying it’s nginx;

curl -I https://minefreaks.de
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 02 Nov 2016 16:44:46 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-UA-Compatible: IE=edge
X-Frame-Options: SAMEORIGIN
Set-Cookie: wcf21_cookieHash=84a742bfd4685f1f3eddc49ec146aeb9568b38fa; path=/; domain=minefreaks.de; secure; HttpOnly
X-Powered-By: PleskLin
MS-Author-Via: DAV

What is your operating system ?


#12

Ok.

Debian 8 is the operating system


#13

I can’t find any spdv.


#14

I think in plesk you can set things in server.com:8443/admin/server/optimization-settings

in debian, and apache the protocols are typicically defined in /etc/apache2/mods-available/ssl.conf (I’d change it through plesk though, as I suspect that updates and overwrites the config.


#15

At server.com:8443/admin/server/optimization-setting are settings of apache.
At ssl.conf there are no spdv


#16

And you are certain you are running with apache ( and not an nginx first - as a reverse proxy ) ? as your system reports it’s running nginx …

curl -I https://minefreaks.de
HTTP/1.1 200 OK
Server: nginx


#17

This is a good question.
I think i use both


#18

OK, so I suspect you have nginx set up as a reverse proxy, and then you are using apache.

The interface between the user and your server on https though is with nginx - so it’s the nginx config you need to check.


#19

Ok.

Do you have Teamspeak?
It is easyer to speak


#20

I don’t, no, sorry

(this needs to be 20 characters long, so adding text :wink: )