net::ERR_CERT_AUTHORITY_INVALID within company network


#1

Please fill out the fields below so we can help you better.

My domain is: https://qsr.systems

My web server is (include version): CentOS 7 VM

My hosting provider, if applicable, is: Self Hosted

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Vesta CP

Hello - within our company network, all sites with LetsEncrypt certificates (including this site) appear as net::ERR_CERT_AUTHORITY_INVALID). Outside of the network, they are fine.

This is something outside of what I know - are there any specific ports / domains that need to be whitelisted?

If it helps, I’m using this to handle certificates on my server https://github.com/interbrite/letsencrypt-vesta


#2

For some reason, your company doesn’t trust the “DST Root CA X3” certificate. There’s nothing wrong with your site. There’s nothing to “whitelist” from your end. It’s your company which is at “fault”.

Although… If you look at the results at SSL Labs, it seems your server is sending another certificate when not using Server Name Indication. This is quite common on todays servers and this shouldn’t be an issue with modern browsers.


#3

Excellent, thank you. I’ll go to IT now to sort this out.


#4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.