0

I have godaddy ssl certificate for domain.There wasn't any problems with my SSL certificate and visiting my domain(Haven't receive any errors), but couple times(two weeks ago) when I visited site from other(mobile, tablet and desktop) devices(different internet) I received SSL warning. I tested my domain on sslshopper.com and in this system shows that everything is okay with our SSL(Expiry date in 200 days). But I tested my SSL in ssllabs.com and SSL got only C grade. Maybe you have any idea why such stuff happening? Is it possible that if we would change SSL to other one, there wouldn't be such error at all? Maybe you experienced something similar and you can help out. Because warning appears only sometimes and in different devices, but other than that everything is perfect

user1718607
  • 191
  • 1
  • 3
  • 14
  • 1
    If you expect a useful reply please add usable information, especially the hostname where one can check your problems. Otherwise you'll only get back, that there are probably some unknown problems with your site. Apart from that, it is not a programming question so serverfault.com might be more appropriate. – Steffen Ullrich May 18 '14 at 19:05
  • SSLLabs would also have given you a number of reasons for its C-grade mark. What were they? – Bruno May 19 '14 at 08:40

1 Answers1

0

When some client devices show problems, and others don't, it must likely because some client's don't contain the necessary Intermediate or Root Certificate Authorities to establish a chain of trust.

This is not the fault of the client device.

Rather, it is up to the server-side (ie. the side sending its certificate) to supply enough of the chain (ie. its certificate, and its CA certificate(s)) so that the client can use those to fill in the steps in the chain until it gets to a certificate that is signed by another certificate that it has in its trusted CA keystore.

You're very likely only supplying the server certificate.

Also possible, but generally less likely, is that the certificates are being offered by the server in the incorrect order.

To help you further, we would need to have some details as to what software is implementing the SSL server end-point.

Cheers, Cameron

Cameron Kerr
  • 1,725
  • 16
  • 23