https://observatory.mozilla.org/analyze/papajohns.com.ec#tls distinguishes the Let’s Encrypt SSL used by Cloudflare as an untrusted or invalid certificate. However, this is not entirely true, you can check that Cloudflare SSL is valid using https://decoder.link/sslchecker
and the Name cheap SSL on the server also is working https://decoder.link/sslchecker/papajohns.com.ec/443
and Full (strict) SSL mode is enabled
But Mozilla and Burp identified the certificate as not trusted
The Mozilla observatory is referring to a certificate that’s just expired (6am UTC today), however the site itself is currently using a new certificate issued an hour before. It seems the certificate has just updated and the Mozilla observatory has cached and is reporting on the old one.
The Mozilla observatory has now picked up the new certificate.
They are not errors, it just shows which ciphers are supported.
[deleted]
No idea why it’s saying the certificate is not trusted, the one on the site seems acceptable to Safari, Chrome and Firefox and gets A+ from here…
https://www.ssllabs.com/ssltest/analyze.html?d=papajohns.com.ec&hideResults=on
OK, reading around it seems that this is a commonly reported problem with the Mozilla Observatory caused by being unable to handle this…
Your site is ok, this is just a checker producing the wrong result.
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.
