Your connection is not private error on Android device
jamesread5737 at gmail.com
Mon Nov 14 22:49:18 UTC 2022
On Mon, Nov 14, 2022 at 10:34 PM Lukas Tribus <lukas at ltri.eu> wrote:
> On Mon, 14 Nov 2022 at 22:56, James Read <jamesread5737 at gmail.com> wrote:
> >> So the file needs to contain first your certificate and then the
> >> intermediate one.
> > OK. Thanks. I rearranged the file and deleted some certificates. Now
> sslabs is reporting no chain issues for Certificate #1: RSA 2048 bits
> Correct, a TLS session negotiated with SNI us.wottot.com is now
> correctly showing the intermediate certificate.
> You are not sending the root certificate here, which is also
> completely correct at this point.
> The previous poster is confused by the openssl output, which actually
> shows a correctly configured server (for the particular SNI value
> So all browsers and mobile devices should be able to connect to
> us.wottot.com now.
> > but for Certificate #2: RSA 2048 bits (SHA256withRSA) it is reporting
> > Chain issues Incomplete, Extra certs, Contains anchor
> This is a fallback for clients not matching us.wottot.com.
> You probably have a "default" ssl server in your configuration that is
> still pointing to a path that you did not cleanup. You should only
> define this certificate once in your nginx configurations, not
> multiple times in different server blocks.
OK. Problem solved. Thanks for your patience and your explanations.
> nginx mailing list -- nginx at nginx.org
> To unsubscribe send an email to nginx-leave at nginx.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the nginx