If your website is accessible via HTTPS in most browsers but untrusted error will appear on mobile browsers, it is possible that:
- the VirtualHost section of the .conf file on the server (httpd-ssl.conf, ssl.conf, virtual-host.conf, or *domain name*.conf in the /sites-available directory) for SSLCACertificateFile is either commented or pointed to another file of intermediate certificate
- the VirtualHost section of the .conf file is not configured to use the correct file or you already have a virtual host record configured for the same IP/port/server name as the one for which you are trying to install the SSL certificate
- If you use an Apache version> 2.4.8 the error may be caused by the lack of the bundle in the file specified in the SSLCertificateFile directive
Solution:
1. uncomment the line and make sure SSLCACertificateFile points to CAbundle.crt, then restart the Apache server
2. the problem can be caused by the .conf file pointing to a wrong intermediate SSL certificate; to identify the .conf files that have specific intermediate certificates, execute the command:
grep -r --include=*.conf 'SSLCACertificateFile' ./Make the desired changes and restart the Apache server.
3. Starting with Apache 2.4.8 the SSLCertificateChainFile directive becomes absolute. The chain for intermediate certificates must be added to the file with the domain certificate. Make sure you execute the following command after you receive the certificate files:
cat *yourdomainname*.crt *yourdomainname*.ca-bundle >> cert_chain.crAfter this operation, make sure cert_chain.crt is specified as SSLCertificateFiles in the VirtualHost file, then run the command:
sudo apachectl restartYou can verify the SSL certificate installation by using https://decoder.link/sslchecker/
