× SSL247 joins forces with Sectigo CA - Find Out More...
Our accreditations and awards:
Cookies
0 items Total $0

Knowledge Base

  

Untrusted Certificate Error on Android

If the certificate is not installed correctly; the certificate needs to be chained back to the Addtrust root certificate in order to be trusted on the Android.

The issue is that the Windows server is not presenting the complete certificate chain; clients which do not have the complete certificate chain will result in this error as encountered on the Android phone. In order to resolve this, on the server where this certificate is installed on, please open the MMC (Microsoft Management Console), and add the certificate snap-in for the computer account on the local computer.

In the Intermediate Certification Authorities folder, verify if the Comodo RSA Domain Validation Secure Server CA and Comodo RSA Certification Authority (issued to Comodo RSA Certification Authority, by AddTrustExternal CA Root) are installed in this certificate store.

The Trusted Root Certification Authorities folder verify if the AddTrustExternal CA Root is installed. Also, if you see the Comodo RSA Certification Authority (issued to and by Comodo RSA Certification Authority with an expiration date of January 18, 2038) present, please delete this certificate.

  • If any of these certificates are missing the intermediate and root certificates (which were provided to you in the .zip file when the certificate was issued) can be found here
  • If you had to delete the Comodo RSA Certification Authority from the Trusted Root Authorities folder, you will also need to disable automatic root certificate updates on the server
  • If you have performed these steps and the certificate chain has not updated on the server, to force IIS to update the certificate chain you will need to either change the certificate binding in IIS to another certificate, and then switch the certificate bindings to the correct certificate. Alternately, you will need to restart the server.