Occasional browser security issues

I have certbot 0.27 running and managing 9 certs on my Linux server. One of them is the website www.ch-bc.org.uk, and a few users report problems accessing the site. The error is typically of the form:

Some people have seen this on Windows systems, but mostly it seems to be on Mobiles.

I would appreciate any guidance on how to resolve this, as my checks with ssl labs and other such services say that all is well.

My domain is: www.ch-bc.org.uk
My web server is (include version): Apache 2.4.18, running Drupal
The operating system my web server runs on is (include version): ubuntu 16.04
My hosting provider, if applicable, is: N/A
I can login to a root shell on my machine (yes or no, or I donā€™t know): yes

Certificate Name: www.ch-bc.org.uk
Domains: www.ch-bc.org.uk ch-bc.org.uk
Expiry Date: 2018-12-30 04:01:42+00:00 (VALID: 52 days)
Certificate Path: /etc/letsencrypt/live/www.ch-bc.org.uk/fullchain.pem
Private Key Path: /etc/letsencrypt/live/www.ch-bc.org.uk/privkey.pem

The apache SSLCertificateFile is set to the ā€˜fullchain.pemā€™ path.

Hi,

That normally is a misconfiguration from your server that request client to present a client certificateā€¦

Please take a look at this postā€¦ (And check if verify client is enbaledā€¦)
http://stuff-things.net/2015/09/28/configuring-apache-for-ssl-client-certificate-authentication

Thank you

3 Likes

Many thanksā€¦ it was exactly that :slight_smile:

I guess I didnā€™t understand what VerifyClient really meantā€¦ :blush::

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.