Problem Description
After I used Symantec's SSL from Alibaba Cloud on my website, I had no problem with both iOS and Chrome browsers. However, when I opened it through an Android phone, I found that "the certificate is not from a trusted authority" popped up, which is inexplicable. After agreeing, the opened web page is also very strange and misplaced. There is a sudden difference, and it is impossible for Ali's things to be unreliable.
Solutions
After a search, I found that there are SSL configuration check websites, but most of them do not support custom ports.
After some hard work, I found a perfect SSL checkpoint. After entering the domain name and port, the configuration of the domain name can be displayed.
https://www.geocerts.com/ssl_checker
After checking, the first four items are all correct, but the certificate chain of the fifth item is incomplete.
Solution
I found the problem, and after a series of bewildered stares, I thought of a magical problem.
The website uses nginx, but in the previous configuration, the apache certificate (.crt and .key) was assigned to nginx. Also notice that the apache certificate chain is a separate file, so. . . Disaster and sloppy yourself.
Quickly replace the wrong certificate and restart the service.
problem solved!
Below is the normal server SSL situation.
However, this kind of error cannot be found by the IOS system and Chrome, only the browser of the Android system can be found. Very puzzling.