Hello, One of my website hosted on my server with ISPConfig is flags as "unsafe site" by Chrome Android. The Let's Encrypt certificate is valid, and there are no mixed content. TLS Certificate has not been revoked OCSP Staple: Good OCSP Origin: Good CRL Status: Not Enabled TLS Certificate expiration The certificate expires March 16, 2022 (73 days from today) Certificate Name matches MyWebiste.tld Subject MyWebiste.tld Valid from 16/Dec/2021 to 16/Mar/2022 Issuer R3 Subject R3 Valid from 04/Sep/2020 to 15/Sep/2025 Issuer ISRG Root X1 Subject ISRG Root X1 Valid from 20/Jan/2021 to 30/Sep/2024 Issuer DST Root CA X3 TLS Certificate is correctly installed I have many other websites hosted on this server, and they are not flags as "unsafe site" by Chrome Android. I wonder if the issue can be generated by the fact that is the only website who have a second subdomain other than www. MyWebiste.tld ; www.MyWebiste.tld ; subdomain.MyWebiste.tld When I installed this subdomain I generated a certificate for it. Best Regards Nexus
That's not related in my opinion. I guess the android version must be really old so that it does not has the root certificates that LE uses in it's certificate store, so nothing wrong with the server or it's setup then.
@ahrasis @till The android Chrome version is 96.04664.104. This issue appear only if the option "Always use secure connection" is on. The fact that I have a subdomain other than www is the only difference with the other website hosted on this server. That very strange.
https://support.google.com/chrome/answer/99020?hl=en&co=GENIE.Platform=Android Manage warnings about unsafe sites You'll see a warning if the content you're trying to see is dangerous or deceptive. These sites are often called "phishing" or "malware" sites. So this is not about https at all.
I check my website with Google Console and I do not have any security issue on both website (main domain and subdomain) ... I will try to contact google if I can find how to do that
