dreamax 7 Report post Posted November 11, 2016 Hi there, you forgot to include an intermediate in your globalsign certificate chain which could lead to an "Certificate Not Trusted" error, while visiting your site via https. Since you are using nginx, you can easily add it to your valkyrie-wow.org certificate as certificate bundle. See https://support.globalsign.com/customer/en/portal/articles/1290470-install-certificate---nginx https://support.globalsign.com/customer/portal/articles/1464460-domainssl-intermediate-certificates Your certificate bundl should then look like (root certificate is not needed): -----BEGIN CERTIFICATE----- MIIIgDCCB2igAwIBAgIMKiDi+Q44S5YbSfaIMA0GCSqGSIb3DQEBCwUAMGAxCzAJ BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1H bG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcN MTYxMDIxMTkwNTQ1WhcNMTcxMDIyMTkwNTQ1WjBCMSEwHwYDVQQLExhEb21haW4g Q29udHJvbCBWYWxpZGF0ZWQxHTAbBgNVBAMTFHd3dy52YWxreXJpZS13b3cub3Jn MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAlxaVnjJOj8xH0Wlnx5uu VM8/VFU0HCqB+TsjKCpdW43oFZXEG5LABFbE99ddE1nItclu4Y4dBS1lQQdNj5hg eMH6Eqz4hW+eAOIqaxaRd00/e+rapsWwjC5Ym8L6BIAED2wRUrTYQ2YKMN01KgPM WAn/6cNRhoxeBXzRGvCuFDjWLK4TZecpcxtCgVuueU+yX38QfDhhuuv7c8l8f2hW boHHAo0JzottHXoiCC2p4mSRaF/d3yRAMJLwbmBYyOv3nZRSAUAInxFLR6r+vtPa R+rMVrLNwIAs7pnwLLpI4hvFSCO+U+0gtnB6oLcP5EQHz+YwOv0uKiCCywR1fNq8 JDA7z8k2CR5fAi5rLmnC0YRnwn2FQRka5qYQFB/sWAIS/GjnKPfwBpn83LRnp/UL qG3hy2XKQ0PTUjJ9V2NPC36DADplZ+UAOrpDu1jkcCua0bqWjxwR+Ncqq8OLQmMH EGcufftODKHo8fIflZdlVIYmEy2o6Plpl+2ZBWlq786o5ovNxeQlxOthB2hdPeCA pyZQaLx4d87ubcRoiHGy2WWzFH0yC0RXIe5PjXSN7VasRt9934bsLUuf6zk008EM Iv/ZKW6m9YBvYRigDv4GDYzMACr46JlHgpENVEj2WzaXPdhoSs7CfznMR+cgnPAO nPM5Vx5yHszPw0mru6f8bmsCAwEAAaOCBFYwggRSMA4GA1UdDwEB/wQEAwIFoDCB lAYIKwYBBQUHAQEEgYcwgYQwRwYIKwYBBQUHMAKGO2h0dHA6Ly9zZWN1cmUuZ2xv YmFsc2lnbi5jb20vY2FjZXJ0L2dzZG9tYWludmFsc2hhMmcycjEuY3J0MDkGCCsG AQUFBzABhi1odHRwOi8vb2NzcDIuZ2xvYmFsc2lnbi5jb20vZ3Nkb21haW52YWxz aGEyZzIwVgYDVR0gBE8wTTBBBgkrBgEEAaAyAQowNDAyBggrBgEFBQcCARYmaHR0 cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wCAYGZ4EMAQIBMAkG A1UdEwQCMAAwQwYDVR0fBDwwOjA4oDagNIYyaHR0cDovL2NybC5nbG9iYWxzaWdu LmNvbS9ncy9nc2RvbWFpbnZhbHNoYTJnMi5jcmwwMQYDVR0RBCowKIIUd3d3LnZh bGt5cmllLXdvdy5vcmeCEHZhbGt5cmllLXdvdy5vcmcwHQYDVR0lBBYwFAYIKwYB BQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSIl5MgmJPvLf85Ppu31NAKQdSa7jAf BgNVHSMEGDAWgBTqTnzUgC3lFYGGJoyCbcCYpM+XDzCCAm0GCisGAQQB1nkCBAIE ggJdBIICWQJXAHUAVhQGmi/XwuzT9eG9RLI+x0Z2ubyZEVzA75SYVdaJ0N0AAAFX 6KKGFAAABAMARjBEAiBKNTe5szrdsGU9t2PwdA9YQPuwNFYsVgrjMx2Itm5mCgIg CGeOnCx6IfCrBf1WmOM3fGGLL0RBFiYM23d3L059e0kAdgDd6x0reg1PpiCLga2B aHB+Lo6dAdVciI09EcTNtuy+zAAAAVfoooZsAAAEAwBHMEUCIGi/Fq/jCO80lvWA zO2uYT7CsaSXSJcWuLqhitsjp8BbAiEAx7NBUZxHzxs84hfeuvYnpQBoBsNXn7b7 C60OF/5PEo8AdgBo9pj4H2SCvjqM7rkoHUz8cVFdZ5PURNEKZ6y7T0/7xAAAAVfo oob6AAAEAwBHMEUCIQD9PUBLOuQ+qUq0Wv6ybsgzXJR4JBvl7aCoIe1Mv6N05AIg Iq3UJU3O2H6HrhibjmMs60wNub+ShovT8zAlgRL4i/0AdQCkuQmQtBhYFIe7E6LM Z3AKPDWYBPkb37jjd80OyA3cEAAAAVfooogGAAAEAwBGMEQCIH89KEErIKV+AAUR 9sIbdd57xmw67qN9giiOwUa/SL+4AiAHBP2gKWhgr0Uh6veHp35RNDb5PESVCOgo pRwXx1borAB3AO5Lvbd1zmC64UJpH6vhnmajD35fsHLYgwDEe4l6qP3LAAABV+ii iogAAAQDAEgwRgIhAMYoJlJ8PhbvBtcREFiw29kst/5PA+fYJhZ706Nr9LKcAiEA 1Ya1VTxiinhqzXY6BSLg5E+59LjwFr88d4y7xrOTwAAwDQYJKoZIhvcNAQELBQAD ggEBAGyz1EcIZdd9aV+NpPPwhFOJIefiexLqAMW4X2ySgX4UMbWFfIQW09A/DS9w lgKzPgaMqdfxnqrsZj5Tky5c0vssSkT2RLD1MX/kL9R764ozJ6IFkB6RL67RH31o 5ypnetRgoXY/6qwsgU26gAZhxndrFyboblSJTUFF5FCvePHljpMaNELnPzZ5E5V+ IM/TgzdFMVxfYqdsnj6spWATUmkxzJEPQgXhdT3rjCRJx932/+5uj/Q+QAHqIhDt 78yn8M/1dXD3e+2v+wdoRXjQV1x17tz4CzmfiKxet+AOEexVDCQDZd40sQ+Im9Lf qWFRovwKpLFzKLnMzcPDPFLRaKk= -----END CERTIFICATE----- -----BEGIN CERTIFICATE-----MIIEYzCCA0ugAwIBAgILBAAAAAABRE7wPiAwDQYJKoZIhvcNAQELBQAwVzELMAkGA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jvb3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw0xNDAyMjAxMDAwMDBaFw0yNDAyMjAxMDAwMDBaMGAxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1HbG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCp3cwOs+IyOd1JIqgTaZOHiOEM7nF9vZCHll1Z8syz0lhXV/lG72wm2DZCjn4wsy+aPlN7H262okxFHzzTFZMcie089Ffeyr3sBppqKqAZUn9R0XQ5CJ+r69eGExWXrjbDVGYOWvKgc4Ux47JkFGr/paKOJLu9hVIVonnu8LXuPbj0fYC82ZA1ZbgXqa2zmJ+gfn1u+z+tfMIbWTaW2jcyS0tdNQJjjtunz2LuzC7Ujcm9PGqRcqIip3ItINH6yjfaGJjmFiRxJUvE5XuJUgkC/VkrBG7KB4HUs9ra2+PMgKhWBwZ8lgg3nds4tmI0kWIHdAE42HIw4uuQcSZiwFfzAgMBAAGjggElMIIBITAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQU6k581IAt5RWBhiaMgm3AmKTPlw8wRwYDVR0gBEAwPjA8BgRVHSAAMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5uZXQvcm9vdC5jcmwwPQYIKwYBBQUHAQEEMTAvMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5nbG9iYWxzaWduLmNvbS9yb290cjEwHwYDVR0jBBgwFoAUYHtmGkUNl8qJUC99BM00qP/8/UswDQYJKoZIhvcNAQELBQADggEBANdFnqDc4ONhWgt9d4QXLWVagpqNoycqhffJ7+mG/dRHzQFSlsVDvTex4bjyqdKKEYRxkRWJ3AKdC8tsM4U0KJ4gsrGX3G0LEME8zV/qXdeYMcU0mVwAYVXEGwJbxeOJyLS4bx448lYm6UHvPc2smU9ZSlctS32ux4j71pg79eXw6ImJuYsDy1ojH6T9uOr7Lp2uanMJvPzVoLVEgqtEkS5QLlfBQ9iRBIvpES5ftD953x77PzAAi1PjtywdO02L3ORkHQRYM68bVeerDL8wBHTk8w4vMDmNSwSMHnVmZkngvkA0x1xaUZK6EjxS1QSCVS1npd+3lXzuP8MIugS+wEY=-----END CERTIFICATE----- 0 Share this post Link to post Share on other sites
Shaylin 6 Report post Posted November 11, 2016 Is this why I can sometimes not view the forums on my phone because of the cert issues? 0 Share this post Link to post Share on other sites
Theo1143 2 Report post Posted November 11, 2016 Is this why I can sometimes not view the forums on my phone because of the cert issues? It all depends on which browser you phone is using, for example a windows phone using chrome won't have this issue. While a Iphone using safari will have this problem. 0 Share this post Link to post Share on other sites
Shaylin 6 Report post Posted November 11, 2016 It all depends on which browser you phone is using, for example a windows phone using chrome won't have this issue. While a Iphone using safari will have this problem. Tried Chrome on my iPhone, safari, it always says Cannot open the pge because it could not establish a secure connection to the server. 0 Share this post Link to post Share on other sites
Theo1143 2 Report post Posted November 11, 2016 Tried Chrome on my iPhone, safari, it always says Cannot open the pge because it could not establish a secure connection to the server. Have you checked the settings from chrome itself? Being honest I've got no clue, especially because my windows phone has no issues with this whatsoever. However I've had a Iphone for the past 2 years before i changed to a windows phone last month. And I've always had problems with even connecting to secure connections, apple loves the illusion of security. (But ye as said, "maybe" there is an options somewhere to allow you to connect to unsecured sites) 0 Share this post Link to post Share on other sites
dreamax 7 Report post Posted November 13, 2016 This problem has been partially fixed. You've added the intermediate and the root certificate. The last one (root) is already in the browser trust store and dont need to be trasmitted. (only cert+intermediate, see my first post) 1 Share this post Link to post Share on other sites
Athena 3 Report post Posted November 13, 2016 (edited) And to think that Let's Encrypt (https://letsencrypt.org/) does all the magic for you and includes auto-renewal scripts for close to every webserver (including NGINX)... Edited November 13, 2016 by Athena 0 Share this post Link to post Share on other sites
dreamax 7 Report post Posted November 14, 2016 This problem has been fixed. 1 Share this post Link to post Share on other sites
