How Do I Fix an Incomplete Certificate Chain?
If the certificate provided by the certificate authority is not found in the built-in trust store on your platform and the certificate chain does not have a certificate authority, the certificate is incomplete. If you use the incomplete certificate to access the website corresponding to the protected domain name, the access will fail.
Use either of the following methods to fix it:
- Make a complete certificate chain manually and upload the certificate.
- Upload the correct certificate.
The latest Google Chrome version supports automatic verification of the trust chain. The following describes how to manually create a complete certificate chain (using a Huawei Cloud certificate as an example):
- View and export the certificate.
- Click the padlock in the address bar to view the certificate status.
- Locate the row that shows Secure Connection, click , and click Valid Certificate in address bar.
- Click the Details tab. In the lower right corner of the page, click Copy to File... to export the certificate to the local PC.
- Check the certificate chain. Open the certificate you export. Select the Certificate Path tab and then click the certificate name to view the certificate status.
Figure 1 Viewing the certificate chain
- Save the certificates to the local PC one by one.
- Select the certificate name and click the Details tab.
Figure 2 Details
- Click Copy to File, and then click Next as prompted.
- Select Base-64 encoded X.509 (.CER) and click Next. Figure 3 shows an example.
- Select the certificate name and click the Details tab.
- Rebuild the certificate. After all certificates are exported to the local PC, open the certificate file in Notepad and rebuild the certificate according to the sequence shown in Figure 4.
- Upload the certificate again.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.