SSL cert “err_cert_authority_invalid” on mobile chrome only

Question

Domain: https://www.amz2btc.com

Analysis from SSL Labs: https://www.ssllabs.com/ssltest/analyze.html?d=amz2btc.com

All my desktop browsers open this fine. Mob

Answer 1

For those having this problem on IIS servers.

Explanation: sometimes certificates carry an URL of an intermediate certificate instead of the actual certificate. Desktop browsers can DOWNLOAD the missing intermediate certificate using this URL. But older mobile browsers are unable to do that. So they throw this warning.

You need to

1) make sure all intermediate certificates are served by the server

2) disable unneeded certification paths in IIS - Under "Trusted Root Certification Authorities", you need to "disable all purposes" for the certificate that triggers the download.

PS. my colleague has wrote a blog post with more detailed steps: https://www.jitbit.com/maxblog/21-errcertauthorityinvalid-on-android-and-iis/