net::ERR_CERT_AUTHORITY_INVALID within company network

deset45 · 2016-12-22 14:21:03 UTC

Please fill out the fields below so we can help you better.

My web server is (include version): CentOS 7 VM

My hosting provider, if applicable, is: Self Hosted

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Vesta CP

Hello - within our company network, all sites with LetsEncrypt certificates (including this site) appear as net::ERR_CERT_AUTHORITY_INVALID). Outside of the network, they are fine.

This is something outside of what I know - are there any specific ports / domains that need to be whitelisted?

If it helps, I’m using this to handle certificates on my server https://github.com/interbrite/letsencrypt-vesta

Osiris · 2016-12-22 14:49:27 UTC

For some reason, your company doesn’t trust the “DST Root CA X3” certificate. ~~There’s nothing wrong with your site.~~ There’s nothing to “whitelist” from your end. It’s your company which is at “fault”.

Although… If you look at the results at SSL Labs, it seems your server is sending another certificate when not using Server Name Indication. This is quite common on todays servers and this shouldn’t be an issue with modern browsers.

deset45 · 2016-12-22 14:52:34 UTC

Excellent, thank you. I’ll go to IT now to sort this out.

system · 2017-01-21 14:52:38 UTC

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.