1

I get the ERR_CERT_AUTHORITY_INVALID error only on a specific website, only on one Android phone, only using Chrome mobile.

  • the site works (i.e. https is accessible without error) with every other device, also on Chrome mobile
  • the site works on the same Android phone using another browser (tried with Firefox, DuckDuckGo browser)
  • other sites work on the same Android phone, on Google Chrome

To me this indicates a sudden issue with Chrome mobile on this specific phone, on this specific site. Everything is up to date, and the site worked until an hour ago. No changes happened on the phone (i.e. new updates) that would imply a connection.

What I tried to no avail, in the following order:

  • using incognito
  • empty cache, cookies
  • full uninstall and reinstall of Chrome
  • factory reset the entire phone

Any idea how I go about troubleshooting this?

Improve this question
5
  • 2
    Firefox as far as I know uses an own list root-CAs. Chrome uses the one from the Android system. Most likely you are facing problems because of the Let's Encrypt root CA change (one old certificate expired AFAIR on Oct. 1st). What Android version is running on that phone?
    – Robert
    Commented Oct 4, 2021 at 8:37
  • I think you're onto something. The site in question indeed uses a Let's Encrypt certificate, and the Android version is oldish - 6.0
    – user624722
    Commented Oct 4, 2021 at 9:32
  • For Android there should be a cross signed alternative root CA certificate. But as far as I know it is possible that a server sends the wrong certificate chain. You can check your device if the system certificate list contains an DST Root CA X3 entry.
    – Robert
    Commented Oct 4, 2021 at 11:20
  • I did locate the certificate in question and disabled it, but it didn't seem to do the trick. However, I noticed something else: sometimes I do get through, without error, if I directly type a page url, rather than the top domain (e.g. example.com/example.html, rather than example.com). But it's not every time, I can't reliably replicate it.
    – user624722
    Commented Oct 4, 2021 at 13:15
  • 1
    Sounds like an load balancer with inconsistent configured servers behind.
    – Robert
    Commented Oct 4, 2021 at 15:01

0

Reset to default

You must log in to answer this question.