NET:ERR_CERT_AUTHORITY_INVALID on android (mobile)

sklep8 · May 25, 2023, 7:03am

I have a problem with displaying the SSL certificate on Android phones: Huawei P smart, FIG-LX1, PRA-LX1, Samsung S10+. NET:ERR_CERT_AUTHORITY_INVALID appears. On other devices it’s ok. I know that Cloudflare made changes to our certificate on May 17th. Request for help.
ps. I’ve disabled SSL and re-enabled but that didn’t help

sklep8 · May 25, 2023, 7:25am

“ssl shopper” shows tak everyting is ok but it’s not on some mobile…

sklep8 · May 26, 2023, 6:42am

If I buy Advanced Certificate Manager, will it help to fix this error? Has anyone managed to fix this error yet?

sandro · May 26, 2023, 6:44am

@sklep8, while not directly related to the proxy issue here, you do have a general security issue as you selected an insecure legacy mode here. Make sure it is Full Strict, otherwise you have no proper encryption and verification.

sklep8 · May 26, 2023, 6:56am

ok but it requires a trusted CA or Cloudflare Origin CA certificate on the server

sandro · May 26, 2023, 6:56am

Of course, it requires a valid certificate. Without a valid certificate, you do not have any security to begin with.

sklep8 · May 26, 2023, 7:07am

It perfectly works before Cloudlfare changed our SSL provider from Let’s Encrypt to Google Trust Serivces LLC (problematic) without asking for any confirmation.

sandro · May 26, 2023, 7:08am

Afraid, it can never perfectly work with that encryption mode for aforementioned reasons. Even more so if you have no secure server.

sklep8 · May 26, 2023, 7:11am

ok, so please tell me what should i do step by step. Thank you

sandro · May 26, 2023, 7:14am

Fixing the encryption issue is easy.

Switch the encryption mode to Full Strict
Configure a proper certificate on your server. Contact your host if necessary

Why you should choose Full Strict, and only Full Strict has more on that.

sklep8 · May 26, 2023, 12:33pm

My SaaS support notice me that i can’t change it to FULL Strict

Can anybody help me?

sandro · May 26, 2023, 12:36pm

Personal recommendation, don’t accept their response. They are essentially telling you they cannot secure your site.

sklep8 · May 26, 2023, 12:31pm

I have same problem. I think that only @Cloudflare can change it

sklep8 · May 29, 2023, 5:55am

I have same problem. Please let me know if desabling Uniwersal SSL worked.

sandro · May 29, 2023, 6:24am

Have you fixed the encryption mode already?

sklep8 · May 29, 2023, 6:27am

the problem is still not resolved…

sandro · May 29, 2023, 6:27am

Then I would start by fixing the encryption mode.

sklep8 · May 30, 2023, 7:01am

i’ve solved this problem - just disable universal SSL and turn off SSL encryption for few minutes. Then you have to all turn on.
best regards and thanks for you replies

sandro · May 30, 2023, 7:05am

That may solve the proxy certificate, but it does not fix the server certificate.

You still need to configure a proper certificate and set the correct encryption mode to Full Strict, otherwise the site still has no encryption.

system · June 2, 2023, 1:43pm

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Net::err_cert_authority_invalid on some phones Website, Application, Performance	20	1678	May 14, 2023
Err_cert_authority_invalid Security	2	870	June 13, 2023
Ssl not working on 1% (website not secure) Security	8	3426	October 10, 2021
Invalid SSL Cert on Samsung browsers when proxy is enabled Website, Application, Performance	1	883	May 19, 2023
Certificate not trusted Security	3	771	June 18, 2023

NET:ERR_CERT_AUTHORITY_INVALID on android (mobile)

Related topics