SSL certificate is not signed by a trusted Certificate Authority.
sudo certbot --nginx -d example.com -d www.example.com
Free, trusted SSL certificates with automatic renewal.
Untrusted-certificate failures often hit only some clients. An ObserveOne check requests your endpoint from outside, with no cached intermediates, so a chain problem fails the check even while your own browser still loads the site.
Start Monitoring FreeThe browser cannot establish a secure SSL/TLS connection because the server and browser cannot agree on a protocol version or cipher suite.
SSL certificate has expired or is not yet valid.
Server and browser cannot agree on SSL/TLS protocol version or cipher suite.
Domain name doesn't match any domain in the SSL certificate.
SSL/TLS handshake between client and server failed to complete.