Have been troubleshooting for a few hours now, thought I’d use the meta site as well.
I have a domain SSL cert from Namecheap (Comodo). I appended the intermediate certs to the main cert and am now using that as the listed ssl.crt in use by nginx. However each android device I have refuses to accept that the SSL is valid.
Any thoughts or other experience with this?
If there are several intermediary CA certificates, make sure to append them in the correct order, from most specific (i.e. your own certificate) to least specific (i.e. the top-most intermediary CA certificate).
For instance, if the certificate chain is:
then the CA bundle file must contain these certificates excluding the root CA’s certificate in reverse order, starting with yours, then the reseller’s intermediary, reseller’s sub-ca, and so on.