I’m trying to configure SSL certificate with Let’s Encrypt (from sslforfree.com), but after configuring, some customers complained about “Privacy Error”, specifically, one error was ERR_INVALID_CERT. Most of the complaints came from Chrome on Android. Windows 7 and up rendered green lock. Windows XP SP3 - rendered red, but after manually importing the certs to the customer’s PC, it rendered green.
My setup is on two servers:
Server A has: www.masterclub.es, es.octopon.me, …
Server B has: www.masterclub.co.il, octopon.me, …
I issued an SSL certificate with the help of sslforfree.com, that contains all of the domain names (17 in total), and bound it to all the sites in IIS, on both servers.
Some time before this trouble, I used the certificate only on Server B, and there were no complaints. So my suspicion is regarding the use of the same SSL certificate, on two different servers (and IP’s), whose reverse DNS records are different as well (I don’t know if it matters for validating a certificate…).
Please advise on the correct strategy of deploying ssl certificate(s) - should I issue one per server, or one per each domain, or one for all is good enough, or is it something else?
Also what could be the cause of ERR_INVALID_CERT on a few clients.
Please note, that I removed ssl from www.masterclub.es for now (production environment) .
While test.masterclub.es is still under ssl, and the privacy errors happened there as well, when i was testing from my android in chrome. Actually it still happens, i just checked. The error is ERR_CERT_AUTHORITY_INVALID.