AnsweredAssumed Answered

Your SSL Server Test incorrectly reports an incomplete chain

Question asked by James Lampert on Mar 18, 2020
Latest reply on Mar 19, 2020 by James Lampert

On one of our customer sites, the certification path reports the intermediate CA certificate to be an "extra download" despite the fact that the keystore contains the complete chain, from the site certificate down to the root.Screen shot comparing SSLLabs report with KeyStore Explorer on same cert chain

 

I will note that I can find no difference in the keystore structure between sites that falsely report an incomplete chain (this is not the only one), and those that report a complete chain.

Outcomes