"The certificate is not trusted in all web browsers..."

I have dozens of websites on the same server, they are pretty much clones of eachother and they all started to display this error on GTmetrix:

### The certificate is not trusted in all web browsers. You may need to install an Intermediate/chain certificate to link it to a trusted root certificate. [Learn more about this error](https://www.sslshopper.com/ssl-certificate-not-trusted-error.html). The fastest way to fix this problem is to contact your SSL provider.

I found other threads about it but couldn’t understand how to fix the problem based on them.

My domain is: www.reciclandobh.org

I ran this command: sudo certbot certonly --webroot -w public -d www.reciclandobh.org -d m.reciclandobh.org -d reciclandobh.org

It produced this output:

 - Congratulations! Your certificate and chain have been saved at:
   Your key file has been saved at:
   Your cert will expire on 2019-02-14. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot
   again. To non-interactively renew *all* of your certificates, run
   "certbot renew"
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

The operating system my web server runs on is (include version): Ubuntu 14.04.5

My hosting provider, if applicable, is: Amazon

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

You’re using Apache, right?

What version of Apache is it? What certificate configuration are you using?

If you’re using Apache 2.4.8 or newer, it should be:

SSLCertificateFile /etc/letsencrypt/live/www.reciclandobh.org/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/www.reciclandobh.org/privkey.pem

If it’s older, it should be:

SSLCertificateFile /etc/letsencrypt/live/www.reciclandobh.org/cert.pem
SSLCertificateChainFile /etc/letsencrypt/live/www.reciclandobh.org/chain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/www.reciclandobh.org/privkey.pem


I’ll update the addresses

seems to have worked with these addresses, I’ll update the other websites, thank you

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.