My domain is: goodpolyamory.com
I ran this command: I use Dehydrated for generating certs automatically
It produced this output: The fullchain / privkey files, as always
My web server is (include version): Nginx 1.16.1
The operating system my web server runs on is (include version): Ubuntu 16
My hosting provider, if applicable, is: Self-hosted
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you're using Certbot): Whatever Dehydrated uses!
So I've got a bunch of domains, and all of the certs appear to be working correctly! I've generated a cert for goodpolyamory.com and Chrome shows the lock, but the SSL checker shows that there's something wrong.
TLS Certificate is not trusted
The certificate is not signed by a trusted authority (checking against Mozilla's root store). If you bought the certificate from a trusted authority, you probably just need to install one or more Intermediate certificates. Contact your certificate provider for assistance doing this for your server platform.
This is the first time this has happened and I'm not sure what the issue is, everything appears to be configured correctly.