Everything is working on most browsers and platforms, but some folks are getting cert invalid messages. Here’s all my info. Please let me know what else I can provide and thanks in advance!!
My domain is: amphumanperformance.com and www.amphumanperformance.com
I ran this command:
sudo certbot --nginx -d amphumanperformance.com -d www.amphumanperformance.com
from: https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-18-04
It produced this output:
I ran the command a while ago, but it modified this file to:
$ cat /etc/nginx/sites-available/amphumanperformance.com
server {
server_name www.amphumanperformance.com;
return 301 $https://amphumanperformance.com$request_uri; # redirect all www traffic to bare.
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/amphumanperformance.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/amphumanperformance.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
server_name amphumanperformance.com;
location / {
proxy_pass http://localhost:4000; # site is served by angular SSR server on 4000
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/amphumanperformance.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/amphumanperformance.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.amphumanperformance.com) {
return 301 https://amphumanperformance.com$request_uri;
} # managed by Certbot
server_name www.amphumanperformance.com;
listen 80;
return 404; # managed by Certbot
}
server {
if ($host = amphumanperformance.com) {
return 301 https://amphumanperformance.com$request_uri;
} # managed by Certbot
server_name amphumanperformance.com;
listen 80;
return 404; # managed by Certbot
}
My web server is (include version):
$ nginx -v
nginx version: nginx/1.14.0 (Ubuntu)
The operating system my web server runs on is (include version):
$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 18.04.1 LTS
Release: 18.04
Codename: bionic
My hosting provider, if applicable, is:
Digital ocean.
I have A records for both www.amphumanperformance.com and amphumanperformance.com pointing to my droplet IP address
I have a screenshot but I'm not allowed to put more than image in
I can login to a root shell on my machine (yes or no, or I don’t know):
yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
nope
The problem I’m seeing:
On most machines everything looks fine.
My cert comes up, Valid, Organization = Let’s Encrypt.
I have a screenshot but I'm not allowed to put more than image in
But some folks see this:
my one and only allowed screenshot:
Why do some people see the cert coming from Fortinet and not Let’s Encrypt as I see it on my machine? Any suggestions would be greatly appreciated!