Net::err_cert_authority_invalid on some machines nginx

Hi, as the name of the topic suggest I’m getting “net::err_cert_authority_invalid” on some machines, while it works perfectly fine on others. SSllabs gives me A score. Relevant part of the nginx config looks like this

 listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/; # managed by Certbot
ssl_trusted_certificate /etc/letsencrypt/live/;
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

    if ($scheme != "https") {
        return 301 https://$host$request_uri;
    } # managed by Certbot


echo | openssl s_client -connect -servername 2>/dev/null | awk '/Certificate chain/,/---/'


    Certificate chain
     0 s:/
       i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
     1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
       i:/O=Digital Signature Trust Co./CN=DST Root CA X3

Any help would be greatly appreciated


I don’t really see any problem from your site except your ipv6 site throw connection refused. (Which obviously don’t have any cert presented)

P.S. that might be an issue when you apply the certificate using certbot Nginx (since if certbot visit your ipv6 site, it won’t passed)

Thank you

1 Like

Hi stevenzhu, thank you for your answer!
Im going to fix ipv6 issue and see if that is going to help. Will certanly update results here

Hi, ipv6 seems to be fixed now, but the issue still remains. Im attaching an image

Im realy running out of ideas what could be wrong here


The certificate is only valid for, not

Note that this page does not give any errors: , but this one does:

Basically, when you issue a certificate in Certbot, it needs to include both names. This can be achieved with:

-d -d

Bullzeye, cant believe I missed that.
Thank you very much!

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.