Hello everyone, I'm a newbie of SSL certificates. I hope someone can help me.
Some of my users start reporting "net err cert authority invalid" error on their browser. This error appears only to some users: I have never been able to see it from my devices.
The SSL certificate is included in the hosting service.
My domain is:
yogare.eu
My web server is (include version):
Apache/2.4.29
The operating system my web server runs on is (include version):
Ubuntu (I don't know the version)
My hosting provider, if applicable, is:
Hosting Solutions (hostingsolutions.it)
I can login to a root shell on my machine (yes or no, or I don't know):
I don't know.
The server yogare.eu seems to be OK, serving the old android compatibility certificate signing chain.
That is the key point. What kind and what version of browser and on what type of operating system your users are using, when the connection gives the above error?
Unrelated but worth a mention:
As shown by SSL Server Test: yogare.eu (Powered by Qualys SSL Labs)
TLSv1.1 is enabled and likely not being used [should be disabled].
Also, none of the "WEAK" ciphers are required by any of the most widely used clients.
And they should also be disabled.
Thanks to bruncsak and rg305 for your kind replies.
Upon further investigation, we concluded that the issue in question was most likely due to the user's local configuration (firewall or antivirus).