Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
easgs
New Contributor

Created on ‎04-21-2025 02:53 PM

certificate chain shown as Incomplete on SSL scan with https://www.ssllabs.com/ssltest/

we have a problem with certificates and fortiweb, we get a certificate chain error shown as Incomplete on SSL scan with https://www.ssllabs.com/ssltest/, but browsers show certificates as valid, and the complete chain is ok, we uploaded the certificate to fortiweb, and to the IIS server, we get this error with sslshopper too.

 

 

WhatsApp Image 2025-04-11 at 11.36.11 AM.jpegWhatsApp Image 2025-04-11 at 11.36.54 AM.jpeg

Easgs
Easgs
Labels:
655
0 Kudos
3 REPLIES 3
AEK
SuperUser
SuperUser

Created on ‎04-21-2025 03:05 PM

The web servers don't show error because they know how to rebuild the chain. However the mobile apps don't do that, probably because they are lazy or for security.

So in case mobile apps will use this site then you need to add the certificate chain, otherwise you will have SSL error in your app.

 

In policy:

cert.png

AEK
AEK
647
0 Kudos
easgs
New Contributor
In response to AEK

Created on ‎04-23-2025 04:18 PM

So, we have to add the server certificate in the certificate field wich we already did, and the Intermediate certificate in the certificate Intermediate field?

Easgs
Easgs
580
0 Kudos
AEK
SuperUser
SuperUser
In response to easgs

Created on ‎04-24-2025 03:03 AM

Exactly.

AEK
AEK
553
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.