All operating systems contain a set of default trusted root certificates. But Certificate Authorities usually don't use their root certificate to sign customer certificates. They use so called intermediate certificates instead, because these can be rotated more frequently.
If not all intermediate certificates are installed on your server, some clients —mostly mobile browsers— will think you are on an insecure connection. This results in 'untrusted' warnings
To avoid such warnings, a server should always send a complete trust chain. The trust chain contains your certificate concatenated with all intermediate certificates.
大哥你证书链没配好 Android 访问提示证书错误
哇,吓了一下…原来是来自lwl12的站长君…
膜拜膜拜ヾ(*´∀`*)
弱弱的问一下什么是证书链呢?
All operating systems contain a set of default trusted root certificates. But Certificate Authorities usually don't use their root certificate to sign customer certificates. They use so called intermediate certificates instead, because these can be rotated more frequently.
If not all intermediate certificates are installed on your server, some clients —mostly mobile browsers— will think you are on an insecure connection. This results in 'untrusted' warnings
To avoid such warnings, a server should always send a complete trust chain. The trust chain contains your certificate concatenated with all intermediate certificates.
好,现在已经修复了
谢谢大神~
您与 http://www.fallprojects.org 之间的连接采用新型加密套件进行了加密。而且,此页中包含其他不安全的资源。他人能在这些资源传输过程中进行查看,攻击者也可以修改这些资源,从而改变此页的外观。
好,把资源转移到服务器上了,现在应该解决了