1

If I load my site with a desktop PC all is fine I believe and I get SSL working as it should:

https://www.rainbowchilli.co.uk

but if I browse to it with Chrome on a Galaxy S4 phone or a Nexus 7 tablet I get SSL errors - why would this be and how do I fix it please?

halfer
  • 19,824
  • 17
  • 99
  • 186
Andrew Soames
  • 51
  • 4
  • Provide more details about your server. – Pawel Gumiela Jul 13 '15 at 23:03
  • I'm voting to close this question as off-topic because it seems to be relevant to just the OP, on the basis that it relies on a specific URL belonging to the OP. – halfer Aug 29 '15 at 22:51
  • It's possible to make the question more general and associate it with a specific type of certificate - GeoTrust DV SSL CA - G4 in this case. Similar problem with GeoTrust - https://code.google.com/p/android/issues/detail?id=10807. If it's not part of the trusted certificates list in Android, it's problematic. We can omit domain itself. – Pawel Gumiela Aug 29 '15 at 23:14

1 Answers1

1

Analyze your certificate: https://www.ssllabs.com/ssltest/analyze.html?d=rainbowchilli.co.uk&latest

This server is vulnerable to the POODLE attack.

This server accepts the RC4 cipher, which is weak.

The server does not support Forward Secrecy with the reference browsers.

This server's certificate chain is incomplete.

The most likely reason for the error is that the certificate authority that issued your SSL certificate is trusted on your desktop, but not on your mobile.

This server's certificate chain is incomplete.

https://superuser.com/questions/347588/how-do-ssl-chains-work

That's how you can get list of trusted certificates in Android: Android: List of available trusted root certificates

Community
  • 1
  • 1
Pawel Gumiela
  • 1,992
  • 2
  • 20
  • 36