Peer’s Certificate issuer is not recognized


#1

Sorry of my English

My domain is: watch-market.net

My control panel: ISPmanager

I generate a certificate from this website for using certbot-auto in manual mode and install this using create SSL->existing, where sertificate name - watch-market.net, private key - privkey.pem, certificate - cert.pem, chain of certificate - chain.pem, after this select this in option of site. https://watch-market.net/ show me a error

https://watch-market.net/

Peer’s Certificate issuer is not recognized.

HTTP Strict Transport Security: false
HTTP Public Key Pinning: false

Certificate chain:

-----BEGIN CERTIFICATE-----
MIIDwTCCAqkCCQDZ0lwtaZxSOjANBgkqhkiG9w0BAQUFADCBgzELMAkGA1UEBhMC
WFgxCzAJBgNVBAgTAlhYMQswCQYDVQQHEwJYWDELMAkGA1UEChMCWFgxCzAJBgNV
BAsTAlhYMSUwIwYJKoZIhvcNAQkBFhZvZmZpY2VAbWVnYWluZm8uY29tLnVhMRkw
FwYDVQQDExB3YXRjaC1tYXJrZXQubmV0MB4XDTE3MDIwODExMTIxOFoXDTE4MDIw
ODExMTIxOFowgYMxCzAJBgNVBAYTAlhYMQswCQYDVQQIEwJYWDELMAkGA1UEBxMC
WFgxCzAJBgNVBAoTAlhYMQswCQYDVQQLEwJYWDElMCMGCSqGSIb3DQEJARYWb2Zm
aWNlQG1lZ2FpbmZvLmNvbS51YTEZMBcGA1UEAxMQd2F0Y2gtbWFya2V0Lm5ldDCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALOQ1aYBCVRCyrXT2LhKLhFA
5AtmFLBDBkTdsEdvz/RaafmPcn+dZZeqF7b59DFLKWmMs492T4Le48bAu3Fo2hHM
aZYk6EUuwW0WmRgyMjmtTONki5TPgqs/7CwTGrWFdYuskDm5fyNAeVbmotmC31aK
0eGCarUdSqKOdJHqCSG9FAGklsRotrTnyDWlcxXucUnYbpG5nHAWPurmi6epspMw
FgkPlYa5IpmtdOWteOauCCM2zhK8oq100cF1d0C5Uccn2nwfqKDOdnfYXFfR/vuu
liErmx4R0QmwmmuJWrhfLO4ZcTeTz+L/B8m1lI/uvcQivIZtwJRyIsqAXr8EhUkC
AwEAAaM7MDkwNwYDVR0RBDAwLoIQd2F0Y2gtbWFya2V0Lm5ldIIUd3d3LndhdGNo
LW1hcmtldC5uZXSHBFvqIRYwDQYJKoZIhvcNAQEFBQADggEBACxpnx5XMfmXqftT
5EXf4FZGZ+K1f9YHjhftF+CqDNTKJFSv+Mh806PCrgFJ8I0h4LZPzS9HNmzmtc2R
he3OlqjUg1eB3IS9js1hlJwgT8/FarXS/R6te+ndo4CPW4mqq/HTzbQnLx5Mmgy4
hVKALvGF8GFnKB3k2fZdL6zxWAH10/zyaagykPGXAIQzVxAahAGBH3mee1F3v6O7
Jz+R7L4uME/nLF9iznXnJ72P1ZpQz6xy3HpsqzCddNav8uKl+Kub+IIGcxaf6stQ
a9ziXHl0atgjevxwWV972+af8nJlWD74LZHhQz+qPW+f25aYvX1B8koNOGbshTj5
foOPg9Y=
-----END CERTIFICATE-----

Please, explain me cause of error and how to fix it.


#2

You are not using the certificate issued by Let’s Encrypt.

You are using a self signed certificate ( hence the error).

$ certinfo watch-market.net 
getting cert from server - watch-market.net

Certificate chain
 0 s:/C=XX/ST=XX/L=XX/O=XX/OU=XX/emailAddress=office@megainfo.com.ua/CN=watch-market.net
   i:/C=XX/ST=XX/L=XX/O=XX/OU=XX/emailAddress=office@megainfo.com.ua/CN=watch-market.net
---
Certificate:
Issuer: C=XX, ST=XX, L=XX, O=XX, OU=XX/emailAddress=office@megainfo.com.ua, CN=watch-market.net
Not Before: Feb  8 11:12:18 2017 GMT
Not After : Feb  8 11:12:18 2018 GMT
Subject: C=XX, ST=XX, L=XX, O=XX, OU=XX/emailAddress=office@megainfo.com.ua, CN=watch-market.net
Public Key Algorithm: rsaEncryption
DNS:watch-market.net, DNS:www.watch-market.net, IP Address:91.234.33.22

Possibly you didn’t restart nginx after installing the certificate ?

I also note, that the certificate you pasted above is not a Let’s Encrypt chain file - so perhaps you installed the wrong certs ?


#3

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.