On one of my recent projects, I was getting a message from Google Chrome saying: "The site's security certificate is not trusted!"
It was was a valid certificate in all other major browsers. And a few different computers running Chrome had no issues. So what gives?
Through some Googling, I learned this:
This could be because the SSL provider is using a new Root certificate that isn't included in the old browsers and devices. The error can usually be fixed by installing an Intermediate certificate that will link the new Root certificate to an old trusted certificate. Robert [SSL Certificate Not Trusted Error]
If your curious to learn more about intermediate certificates, GoDaddy has a decent explanation: What is an intermediate certificate?
How to Fix
For Apache, you need to add the following to your configuration:
For Nginx, there's a little more work to do the same thing. You need to concatenate your existing certificate file with the intermediate certificate to produce a new certificate file, which you will as your new certificate.
cat example.com.crt gd_intermediate.crt > example.com-combined.crt
Then in your nginx configuration file you can change