websocket ERR_CERT_AUTHORITY_INVALID
when some players enter our game, they meet this error in all browsers 
We have changed the certificate recently. So I check one player's certificate on our game page,
It is the lastest certificate. So what may cause this problem? Should we do something after change the certificate?
EDIT1
Did CDN cache the certificate? After we refresh the CDN, some player can connect to the game immediately.
EDIT2
We found the player's browser has such an option "block unsafe certificate", when the option is enabled, he can't connect to the server and he can connect to server when the option is disabled. We export the intermediate certificate and send it to the player for import. After that, the player can play the game with the option selected.
EDIT3
Finally we found the intermediate certificate is right on the nginx side,but on the server side, the ca is missing. After add it, the websocket could work. And When I asked same question on another forum v2ex,I found a good way to test if the certificate chain is complete. you can visit the site and change the domain and port with your site.
https://cert.catbox.io/api/v1/queryChain?domain=s41001-ad-tanwan.zlgl.17tanwan.com&port=8085
If your server is correct, you will find the server side certificate and the intermediate certificate.If you can't find the intermediate certicate, you need to check your server config.
Your server https://s41001-ad-tanwan.zlgl.17tanwan.com/ provides only the last certificate in the chain, the actual certificate of the server.
This certificate is signed by the intermediate certificate from "RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1" that is valid since 2020-07-16. If the clients have not updated their browsers/operating systems for some time, they don't have this intermediate certificate, and they report this as an invalid certification authority.
Put the intermediate certificate to the certificate file, and it should fix the problem, since the intermediate certificate is signed by the DigiCert root certificate, that is in the game since 2006. Everyone has it.
You run nginx, right? The ssl_certificate instruction in nginx accepts files with certificate chains. This file should have the server certificate first, then the intermediate certificate.
- Is there a equivalent of allow-insecure-localhost flag of Google Chrome in Firefox?
- HTTP headers in Websockets client API
- Web Socket: IIS WebSocket Protocol feature need to be enabled for Socket.io?
- Sending websocket ping/pong frame from browser
- Overhead of WebSockets on Apache Server
- Unable to deliver server events through websockets in production
- How to avoid blocking the asyncio event loop with looping functions
- How server knows to close the connection of websocket when website tab is closed
- How to know the URL of a websocket client request?
- Socket.io with flask-socketio python. How to set socket keepalive/timeout
- WebSocket through SSL with Apache reverse proxy
- Cannot connect to to FastAPI with WebSocket in Flutter. 403 forbidden / code 1006
- DDEV: Laravel + Vite + Websockets with Soketi - trouble with port configuration
- In Firefox/Chrome devtools Is there a way to send/edit websocket messages after connection
- How to extract blob data from websocket response
- Is it possible to use SignalR on a Node.js backend?
- Deploying NextJS with Socket.IO application in IIS 10
- Unexpected websocket requests after my http requests
- Display WebSocket message with formatting?
- Preserving Order of Item Events | DynamoDB Stream => SNS => SQS => Websockets
- SignalR stream locally accessible, no longer accessible after deploy with docker
- Stuck in await for async.Event after event was set
- Jetty 11: Set idle timeout for WebSockets programmatically and via configuration file
- Unable to connect to server through JS websocket
- How to store user data for every WebSocket connection in Helidon SE4
- Debugging a WebSocket Connection Through a Proxy Using Boost Asio and Beast in C++
- Socket.io connection problems inside a cluster
- How can I benchmark a websocket-based Node.js application?
- Information overload from a websocket
- Firefox can't establish a websocket connection while Chrome can