We have a reverse-proxy service on our page onradr.com, where we installed the our certificates with the certbot.
Now, when we test our certificates on https://www.ssllabs.com/ssltest it says that the SSL chain is incomplete. Moreover the Chrome and Safari Browsers on iOS won’t accept our new certificate (we updated all our certificates after the LetsEncrypt Root-Certificate changed. Before our certificates did fine).
I found this post on SO: https://stackoverflow.com/questions/39471580/ssl-chain-incomplete/39471719 …which exactly describes our problem. We did change the cert.pem to fullchain.pem in our configuration with no luck.
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Try DigitalOcean for free
Click below to sign up and get $100 of credit to try our products over 60 days!
Hi there,
Did you restart Nginx after you made the configuration change?
First, make sure to run a config test with:
And only if you get
Syntax OKthen restart the service:Also, I would recommend checking the
/etc/letsencrypt/live/your_domain.com/to verify that the full chain file is in there.Let me know how it goes. Best, Bobby