Storage.podillya-kabel.com.ua is misconfigured

Good day everyone, I can't find the reason why it complains about SSL.

Service says there is a problem with the certificate: What's My Chain Cert?

But clicking through in the browser, everything seems to be fine.

I tried to check the encoding of a picture using curl, because I thought that the problem was in the kitten's encoding, since I noticed the problem itself after Facebook stopped parsing pictures when sharing.

More details here: http://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle"
 of Certificate Authority (CA) public keys (CA certs). If the default
 bundle file isn't adequate, you can specify an alternate file
 using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
 the bundle, the certificate verification probably failed due to a
 problem with the certificate (it might be expired, or the name might
 not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
 the -k (or --insecure) option.

I apologize in advance, I'm not very good at this. I will be glad for any help

2 Likes

Modern browsers are really good at fixing incorrect configurations. In this case, most modern browsers will automatically correct the chain, but other clients will not.

In your case, the server given sends a certificate chain that is incredibly old; that is, it's sending a chain that Let's Encrypt stopped using in 2016 (it's sending the very old X1 intermediate).

The server in question needs to use the chain delivered by the ACME client. From the very old intermediate certificate it serves we can see that the chain was manually set by someone, which is incorrect.

3 Likes
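The chain problem described in the reply above, reproduced offline as an added example (not part of the original thread): a throwaway CA hierarchy built with `openssl` shows that a client which does not fetch missing intermediates rejects a leaf served with the wrong intermediate and accepts it with the issuing one. It assumes the stale intermediate is not the certificate that signed the leaf; all names (`root`, `old-int`, `new-int`, `leaf`, `stale-chain.pem`) are constructed, and `fullchain.pem` stands for the leaf-plus-intermediate file an ACME client delivers.

```shell
#!/bin/sh
# Added example: every key, name and certificate here is constructed throwaway data.
set -e
work=$(mktemp -d)
trap 'rm -rf "$work"' EXIT
printf 'basicConstraints=critical,CA:TRUE\n' > "$work/ca.ext"

# issue NAME SIGNER [ca]: write NAME.key and NAME.pem, signed by SIGNER
# (self-signed when SIGNER is NAME); "ca" marks the result as a CA certificate.
issue() {
    openssl req -new -newkey rsa:2048 -nodes -subj "/CN=$1" \
        -keyout "$work/$1.key" -out "$work/$1.csr" 2>/dev/null
    ext=""
    [ "$3" = ca ] && ext="-extfile $work/ca.ext"
    if [ "$1" = "$2" ]; then
        signer="-signkey $work/$1.key"
    else
        signer="-CA $work/$2.pem -CAkey $work/$2.key -CAcreateserial"
    fi
    # $signer and $ext are left unquoted on purpose so they split into options.
    openssl x509 -req -in "$work/$1.csr" -days 2 $signer $ext \
        -out "$work/$1.pem" 2>/dev/null
}

issue root root ca        # stands in for the root the client already trusts
issue old-int root ca     # stands in for a retired intermediate
issue new-int root ca     # stands in for the intermediate that signed the leaf
issue leaf new-int        # the server certificate

# Two candidate files for nginx's ssl_certificate: leaf first, then intermediate.
cat "$work/leaf.pem" "$work/old-int.pem" > "$work/stale-chain.pem"
cat "$work/leaf.pem" "$work/new-int.pem" > "$work/fullchain.pem"

# strict_client_accepts FILE: succeed only if the leaf chains to the root using
# nothing but the certificates in FILE (no fetching of missing intermediates).
strict_client_accepts() {
    openssl verify -CAfile "$work/root.pem" -untrusted "$work/$1" \
        "$work/leaf.pem" >/dev/null 2>&1
}

for f in stale-chain.pem fullchain.pem; do
    if strict_client_accepts "$f"; then echo "$f: accepted"
    else echo "$f: rejected"; fi
done
```

On the real server, the file named by `ssl_certificate` should have the shape of `fullchain.pem` here: the leaf followed by the intermediate that issued it.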

Thanks for the answer, I'm sorry, but I didn't quite understand how then to fix the problem and what is there along the chain?

2 Likes

If this is your server, you should first state what ACME client (e.g. certbot) you're using and what your webserver (e.g. nginx) is. Next we can look at your current configuration and what needs to be done to fix it.

1 Like

Nginx web server, but how to check which ACME is being used?

1 Like

How do you manage your server? How did you acquire the certificate initially?

2 Likes

Everything has already been installed before me, I was just looking for the reason why the picture does not work when sharing on Facebook, so I say that I have no experience with ssl. I access the server via ssh.

1 Like

That sounds good, we can work with that.

What's the output of sudo certbot certificates?

1 Like

-bash: certbot: command not found

1 Like

Okay, so you're not using certbot.

In this case we might want to have a look at where your certificates currently are. For that we need to look at the nginx configuration.

sudo nginx -T

should print the entire nginx configuration, which can potentially be rather large. We're interested in config lines that contain the text ssl_certificate.

1 Like

Configs use this

1 Like

This is how it is used

1 Like

A bit of googling indicates that this could be the Vesta Control Panel, can you confirm this?

2 Likes

There is no Vesta Control Panel. As I understand it, at this stage it cannot be fixed through the console in any way, and you need to write to the hosting support?

1 Like

Yeah, as I'm still not sure which client this is and how it's configured, you probably need to ask your support if you have that.

1 Like

Thank you for your help!

1 Like

Hi @Olexander

there https://storage.podillya-kabel.com.ua:8083/login/ is a VestaCP login. VestaCP uses the 8083 port with http and https.

Maybe your VestaCP is too old.

3 Likes

Wow, I really didn't know it was there, thanks I'll try to find access to this panel. Thanks!

3 Likes

Hello! I have access to the whist panel, tell me, can I somehow fix ssl with those who have access and seeing this page https://i.imgur.com/JykbZbc.png or maybe find out the reason for the certificate robots error. Or would it be easier to install ACME and generate a new certificate? Once again, I apologize, I am not competent in these matters((
