On Mon, 14 Nov 2022 at 17:31, James Read <jamesread5...@gmail.com> wrote: > > I have configured SSL on a number of subdomains including > https://us.wottot.com > > On my PC I can view the resulting web page without any problems so this leads > me to believe the SSL configuration is correct.
Wrong, the intermediate certificate "Starfield Secure Certificate Authority - G2" is missing, instead you are sending 2 unnecessary root certificates "Starfield Root Certificate Authority - G2" and "Starfield Technologies, Inc. / Starfield Class 2 Certification Authority". Remove the 2 root certificates and add the intermediate certificate. It can work in some cases, based on whatever intermediate certificates your browser currently has in the cache. That doesn't make it a correct configuration. Use tools like the ssllabs ssltest or testssl.sh to check for chain issues: https://www.ssllabs.com/ssltest/analyze.html?d=us.wottot.com -lukas _______________________________________________ nginx mailing list -- nginx@nginx.org To unsubscribe send an email to nginx-le...@nginx.org
