SSL working on pc not mobile

ovi.a · March 21, 2023, 1:48pm

Hello, I red numerous topics about this on this forum, and none worked for me, that why I am making one more topic about this (sorry)
My certbot SSL is working on pc but not on mobile android or ios.
The domain is youpc.ro
Every time I generate an ssl I make one for www.youpc.ro and one for youpc.ro
I modified in vhost config of my xampp on windows server the chain file to fullchain instead of chain, no luck.

<VirtualHost *:443>
	SSLEngine on
	SSLCertificateFile "C:\Certbot\archive\youpc.ro\cert1.pem"
	SSLCertificateKeyFile "C:\Certbot\archive\youpc.ro\privkey1.pem"
	SSLCertificateChainFile "C:\Certbot\archive\youpc.ro\fullchain1.pem"
	ServerName youpc.ro
	Alias /.well-known "X:/xampp/htdocs/youpc"

<VirtualHost *:443>
	SSLEngine on
	SSLCertificateFile "C:\Certbot\archive\www.youpc.ro\cert1.pem"
	SSLCertificateKeyFile "C:\Certbot\archive\www.youpc.ro\privkey1.pem"
	SSLCertificateChainFile "C:\Certbot\archive\www.youpc.ro\fullchain1.pem"
	ServerName www.youpc.ro
	Alias /.well-known "X:/xampp/htdocs/youpc"

Thanks, and sorry again for a post same with other 101 on this forum.

MikeMcQ · March 21, 2023, 1:59pm

For modern versions of Apache you do not use SSLCertificateChainFile

Instead, for SSLCertificateFile use the fullchain.pem file

What version of Apache do you have?

Also, you should use the certs in the /live/ folder not the /archive/ folder.

This is one site to help test your certs. You can see right now you send duplicates.

Bruce5051 · March 21, 2023, 2:27pm

"SSL working on pc not mobile"
Which mobile? OS and OS Version.

ovi.a · March 21, 2023, 2:29pm

Hello and thanks for the fast reply.
I have running Apache 7.4.1.
Tried to modify SSLCertificateFile does the same. Deleted SSLcertchain line does the same.
In the live directory I have only sym files like shortcuts. Should i still use them?
Thank, sorry I am not quite that good with this stuff.

ovi.a · March 21, 2023, 2:30pm

Hello Bruce newest, version 13 android.
Thanks for the fast reply

Bruce5051 · March 21, 2023, 2:30pm

This might be of help Long (default) and Short (alternate) Certificate Chains Explained

Bruce5051 · March 21, 2023, 2:35pm

And here Hardenize Report: youpc.ro is showing NO http nor https

And using Let's Debug yields these results https://letsdebug.net/youpc.ro/1416080

ANotWorking
Error
youpc.ro has an A (IPv4) record (82.77.57.10) but a request to this address over port 80 did not succeed. Your web server must have at least one working IPv4 or IPv6 address.
A timeout was experienced while communicating with youpc.ro/82.77.57.10: Get "http://youpc.ro/.well-known/acme-challenge/letsdebug-test": context deadline exceeded

Trace:
@0ms: Making a request to http://youpc.ro/.well-known/acme-challenge/letsdebug-test (using initial IP 82.77.57.10)
@0ms: Dialing 82.77.57.10
@10000ms: Experienced error: context deadline exceeded

IssueFromLetsEncrypt
Error
A test authorization for youpc.ro to the Let's Encrypt staging service has revealed issues that may prevent any certificate for this domain being issued.
82.77.57.10: Fetching http://youpc.ro/.well-known/acme-challenge/m5qlIRwNnReuxAIi92yBwRTv3COsYHSC2zkqlXNr4u8: Timeout during connect (likely firewall problem)

ovi.a · March 21, 2023, 2:41pm

Thanks Bruce I stopped and restarted the server to try some things, thats why there is that error.
Now it says it is ok

Thanks

Bruce5051 · March 21, 2023, 2:45pm

Somewhat off topic:

However using this online tool https://check-host.net/ finds Permanent link to this check report several "Connection timed out".

Let's Encrypt uses Multi-Perspective Validation Improves Domain Validation Security - Let's Encrypt

Bruce5051 · March 21, 2023, 2:46pm

"SSL working on pc not mobile"
Can you give any more details of how it is not working on mobile?
Such as the error, are you trying with Chrome on Android or some other app?

ovi.a · March 21, 2023, 2:50pm

Sure do Bruce!
The classy : your connection is not private.
Attackers mught be trying to steal your information, passwords.
NET::ERR_CERT_AUTHORITY_INVALID
Screen

Thanks

ovi.a · March 21, 2023, 2:51pm

on default samsung galaxy browser

Bruce5051 · March 21, 2023, 2:53pm

Can you try Chrome?
I believe Samsung has their own web browser.

Also do you see the same IP Address for youpc.ro on the pc and the mobile?

ovi.a · March 21, 2023, 2:57pm

Haha you are a lifesaver Bruce!
I am plain stupid. Was trying to acces from an secured network (that was set up to prevent accces to server) in the same building with the server.
Thanks allot!
Can be closed, I am plain stupid.

Bruce5051 · March 21, 2023, 2:59pm

You can just mark one of the Posts in this thread as the solution, just use the checkmark as the pic below show (currently greyed out, because it is not checked).

system · April 20, 2023, 3:00pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.