Page 1 of 1

https issue

Posted: Sat 09 Oct 2021 4:59 pm
by Dennisdg
My Samsung tablet powered by Andriod using the Chrome browser has decided that my website (https) connection is not private and gives the following message ‘NET::ERR_CERT_AUTHORITY_INVALID’ I can get round this issue by selecting ‘Advanced’ then ‘Proceed to g4glp.co.uk (unsafe)!

The tablet is a few years old and runs Android 7.0, but has worked fine until a week ago. Later Android versions not available for this tablet.

My mobile phone running Android 11 doesn’t have this issue nor does Windows 10’s Chrome and Edge browsers.

My web hosting company automatically renews the https certificate every 90 days and confirms it is good.

So I’ve worked out it has to be an Android Chrome issue however the Chrome browser version reports it’s up to date. There doesn’t seem to be a way to delete the browser and reinstall.

Suggestions welcome (apart from buy a new tablet!).

Thanks

Re: https issue

Posted: Sat 09 Oct 2021 5:44 pm
by saratogaWX
If your website was using Let's Encrypt certificate, the issue may be due to the expiration and replacement of a superior CA Certificate in the Let's Encrypt chain of CAs.

See https://letsencrypt.org/docs/dst-root-c ... mber-2021/

for more info.

Checking your site does show it's a valid Let's Encrypt certificate, and my browser (Firefox) had no problem in displaying it with a closed padlock (secure).

It may be that your Android tablet's browser hasn't quite refreshed the set of root CAs yet, so the new Let's Encrypt cert is shown as not valid.

Re: https issue

Posted: Sat 09 Oct 2021 5:54 pm
by freddie
It's not the browser - it's the operating system that needs to update its root certificates. With Android 7 that is not likely to happen, unfortunately.

Re: https issue

Posted: Sat 09 Oct 2021 6:00 pm
by Dennisdg
Thanks for the link

Yes it does use Let's Encrypt. I'll try and understand the documentation!

Currently Domain Validated
Expires on November 27, 2021

freddie, that's a shame.

Thanks anyway

Re: https issue

Posted: Tue 12 Oct 2021 7:49 pm
by Dennisdg
Well, it seems Let's Encrypt and my early Android tablet have sorted out their differences. Working back to normal.

Re: https issue

Posted: Tue 12 Oct 2021 8:04 pm
by mcrossley
I've had problems with my rPi install of CMX uploading to Windy - failing with an SSL error. Windy uses LetsEncrypt too. Refreshing the certs on my rPi did not seem to fix it, and removing the old DST_Root_CA_X3 cert yesterday didn't either. But today after doing nothing else it is working again!

Certs! :bash: