30 Oct How to fix incorrect order certificate chain warning
It seems that Godaddy issued SSL certificate is a little bit special when uploading to the different servers.
Last time, we have fixed the SSL certificate Chain issues: contains anchor,
This time we have identified another SSL certificate issue from SSLLabs when uploading in cPanel.
Chain issues: Incorrect order
As we can see that our server is sending out “Go Daddy Root Certificate Authority – G2” first, and then “Go Daddy Secure Certificate Authority – G2” second.
Let’s recall what we uploaded in cPanel:
As you can see above, we followed Godaddy’s instructions uploaded the gd_bundle-g2.crt certificate chain file onto cPanel.
Let’s try leave the “Certificate Authority Bundle: (CABUNDLE)” black/empty since cPanel suggested that “In most cases, you do not need to supply the CA bundle because the server will fetch it from a public repository during installation.”
Unfortunately we still getting the same warning message.
Now, let’s try one more time with ONLY Intermediate certificate, like what we did in AWS EC2 server
In Summary, in order to fix all different kinds of certificate chain issue from Godaddy certificate, the best practise is always uploading the intermediate called gdig2.crt from Godaddy Certificate Repository