State of the certificates' support and trust short report


#1

Dear community!

After half a day of using a certificate (a live stream from a bird feeder at https://birdfeeder.online/) here are some thoughts about the certificate trust level.

In short: most, if not all, desktop browsers accept the certificate without questions. In the same time, most, if not all, mobile browsers complain about untrusted certificate.

What are your observations on the topic?


#2

I am not sure if this works for everyone but @jpbe helped me out by explaining that for mobile browsers you also need to set the CertificateChain in your apache/nginx (think also nginx at least) config file. I had the same error and now it’s solved :smile:


#3

Maybe you can check your domain with https://www.ssllabs.com/ssltest/
There you can see some details about your installed ssl cert.


#4

Just found a perfect solution by @Jpbe in a neighbour post: Mobile browsers security error

For nginx, it will be

ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

instead of

ssl_certificate /etc/letsencrypt/live/example.com/cert.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

(added the solution here for a case somebody coming from Google)


#5

@jpbe, I’ve rechecked my site and now it’s of “A+” grade instead of yesterday’s “B”.
Thank you VERY much!