SSL Not working on Mobile

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: www.fulltimebull.com

I ran this command: https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-14-04

Followed this guide

It produced this output: SSL works perfectly on the desktop but i am unable to access it on my iphone. I receive an error that says “This connection is not private”.

My web server is (include version): Ubuntu latest

The operating system my web server runs on is (include version): Apache latest

My hosting provider, if applicable, is: Digital Ocean

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Wordpress

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): 0.28.0

Are you sure you’re not visiting https://fulltimebull.com/ on mobile? Versus https://www.fulltimebull.com ?

1 Like

Hi @Gamblegray

you have both versions in your DNS settings - non-www and www ( https://check-your-website.server-daten.de/?q=fulltimebull.com ):

Host T IP-Address is auth. ∑ Queries ∑ Timeout
fulltimebull.com A 134.209.29.231
London/London, City of/GB yes 2 0
AAAA yes
www.fulltimebull.com C fulltimebull.com yes 1 0
A 134.209.29.231
London/London, City of/GB yes

But your certificate has only the www domain name:

CN=www.fulltimebull.com
	14.05.2019
	12.08.2019
expires in 55 days	www.fulltimebull.com - 1 entry

So your non-www version isn’t secure.

Domainname Http-Status redirect Sec. G
http://fulltimebull.com/
134.209.29.231 301 https://fulltimebull.com/ 0.050 A
http://www.fulltimebull.com/
134.209.29.231 301 https://fulltimebull.com/ 0.047 E
https://fulltimebull.com/
134.209.29.231 301 https://www.fulltimebull.com/ 0.584 N
Certificate error: RemoteCertificateNameMismatch
https://www.fulltimebull.com/
134.209.29.231 200 0.503 I

Grade N -> certificate is invalid.

Mobile users -> they don’t type in www -> that doesn’t work.

Create one certificate with both domain names (non-www and www) and use that. So both domain names can use the same certificate.

3 Likes

Worked a charm, thank you!

2 Likes

Ok to re open this topic, i now have SSL working on my mobile but now i get the same error when on the desktop. I guess it has something to do with the www.fulltimebull.com / fulltimebull.com. Is it possible to just remove the non www version from access so no matter what is entered in the search bar it just directs to www.fulltimebull.com with an SSL Cert?

Your configuration is now correct - check https://check-your-website.server-daten.de/?q=fulltimebull.com

Both connections are secure

Domainname Http-Status redirect Sec. G
http://fulltimebull.com/
134.209.29.231 301 https://fulltimebull.com/ 0.054 A
http://www.fulltimebull.com/
134.209.29.231 301 https://fulltimebull.com/ 0.057 E
https://fulltimebull.com/
134.209.29.231 301 https://www.fulltimebull.com/ 0.590 B
https://www.fulltimebull.com/
134.209.29.231 200 0.503 I

and your certificate has both domain names:

CN=fulltimebull.com
	18.06.2019
	16.09.2019
expires in 88 days	fulltimebull.com, www.fulltimebull.com - 2 entries

And your chain is correct:

Chain (complete)	
	1	CN=fulltimebull.com
	2	CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US

The only thing - a missing file

https://www.fulltimebull.com/wp-content/uploads/2019/05/minimal-pattern.png

–>> Grade I. But your certificate is correct - perhaps only a caching problem.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.