How to troubleshoot SSL Certificate Chain Issues
SSL Certificates can be trusted on a main browser and function correctly, however, it can still have chain issues. This problem can result in the application failing, especially on mobile devices and other browsers, as the certificate will be deemed untrusted.
To identify the chain issue:
- In your browser, go to https://www.ssllabs.com/ssltest/index.html
- Run SSL Server Test.
- Once the SSL test is completed, under Additional Certificates, if there is a chain issue it will state Chain Issues Incomplete.
To resolve the chain issue:
Search your Certificate Authority's (CA) website to download their intermediate CA file. This file links all of the trusted CA certificates needed to reach the root certificate. When this Intermediate CA file has been downloaded, you must upload it to the LoadMaster. For more information, refer to: How To Import SSL Intermediate Certificates To Your LoadMaster.
Once you upload the intermediate CA file to the LoadMaster, run the SSL server Test again to resolve the chain issue.