Occasional browser security issues


#1

I have certbot 0.27 running and managing 9 certs on my Linux server. One of them is the website www.ch-bc.org.uk, and a few users report problems accessing the site. The error is typically of the form:

Some people have seen this on Windows systems, but mostly it seems to be on Mobiles.

I would appreciate any guidance on how to resolve this, as my checks with ssl labs and other such services say that all is well.

My domain is: www.ch-bc.org.uk
My web server is (include version): Apache 2.4.18, running Drupal
The operating system my web server runs on is (include version): ubuntu 16.04
My hosting provider, if applicable, is: N/A
I can login to a root shell on my machine (yes or no, or I don’t know): yes

Certificate Name: www.ch-bc.org.uk
Domains: www.ch-bc.org.uk ch-bc.org.uk
Expiry Date: 2018-12-30 04:01:42+00:00 (VALID: 52 days)
Certificate Path: /etc/letsencrypt/live/www.ch-bc.org.uk/fullchain.pem
Private Key Path: /etc/letsencrypt/live/www.ch-bc.org.uk/privkey.pem

The apache SSLCertificateFile is set to the ‘fullchain.pem’ path.


#2

Hi,

That normally is a misconfiguration from your server that request client to present a client certificate…

Please take a look at this post… (And check if verify client is enbaled…)
http://stuff-things.net/2015/09/28/configuring-apache-for-ssl-client-certificate-authentication

Thank you


#3

Many thanks… it was exactly that :slight_smile:

I guess I didn’t understand what VerifyClient really meant… :blush::