HTTPS Site causes NET::ERR_CERT_AUTHORITY_INVALID error for only one user


#1

We have a subdomain that is configured for HTTPS on CloudFlare which works fine and loads for just about everybody except for one client who gets the above “Invalid Certificate Authority” error.

The hostname is configured for Domain and HTTP Proxy through CloudFlare (Orange icon in DNS). Our SSL Setting is set to Flexible. We have a custom Page Rule to force HTTPS for this hostname.

SSL Checking tools seem to indicate the certificate configuration is OK:

https://www.sslshopper.com/ssl-checker.html#hostname=reporting.advally.com

The DNS and SSL settings were configured almost a month ago (Feb 8th) and hasn’t changed since. The site has worked correctly for dozens of people, except this one person. It always fails with the same error in Chrome and IE. Here is a screenshot of the error with presented certificate:

What could the issue be?

  • The configuration works perfectly for over 2 dozen other users.
  • It’s unlikely to be a propagation issue, nothing has changed for a month.
  • Could some users possibly have a problem with the certificate issuer?

Can I verify the certificate he’s getting is legit and hasn’t been intercepted? I don’t have any explanation for why his certificate issuer is “FGT50E3U16019697”.

Any ideas? Thanks!


#2

Is he connecting from a corporate network? This could be an issue with a man in the middle proxy which has a screwed up certificate and/or they have a jacked up custom list of trusted CAs they deploy on their workstations.

If he continues on to the page and inspects the certificate in the developer tools are there any additional details?


#3

I will have to ask on both counts. Unfortunately they are not very tech savvy. What details from the certificate would be useful?


#4

Ideally it would be useful to see the details from the certificate screen. 53


#5

This topic was automatically closed after 14 days. New replies are no longer allowed.