Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.
I just set up a SSL Cert on Forge for my site, but now Enjoyer is complaining that the health checks aren't going through. All three health-check servers are red. (I did update the health-check URL with https://...).
Has anyone encountered this? Any recommendations on what to do to fix it? :)
Thanks!
Maybe there's something wrong with the certificate. Have you checked with a tool like https://www.ssllabs.com/ssltest/ if everything is ok?
Did you install the intermediate certificates as well? If not, you may find https://certificatechain.io/ helpful.
Hi @freekmurze ! I installed the cert using Forge's cert installer. Then I clicked on the lock, and it showed the certificate chain was trusted. But it just occurred to me, that's from the viewpoint of my Mac, it has a complete chain. The servers themselves may not.
So, figured it out: I edited the cert file listed by forge and simply replaced it with the output from sslcertificatechain.io. Then restarted server, reran cert test and all was good!
Thanks Freek, saved me hours of troubleshooting, awesome resourced you provided there. :)
Some browsers, like Chrome and Safari, fetch the certificate chain themselves if it is incomplete. Others, notably Firefox and a few mobile browsers do not. So if you're using Chrome you probably won't see the issue that users of other browsers (and command line tools) are having.
Normally Comodo should have sent you the intermediate certificates as well. You'll need to manually concatenate those after your domain specific certificate. It's a bit tedious error prone.
Alternatively you could just paste your domain specific certificate into https://certificatechain.io It will return your certificate concatenated with all intermediates. This is much easier than doing it manually.
If you've already installed a certificate for your domain Forge with tell you the file where the certificate is installed. It should look something like /etc/nginx/ssl/<your domain name>/<random number>/server.crt Just paste paste the whole chain (= specific certificate + intermediates) into that file and you're golden :-)
You've already figured it out while I was typing. Nice!! :-)
@freekmurze Oops, spoke too soon. Enjoyer.io still won't see the https server. Trying another deploy now.
OK, another deploy did it. (I guess it only runs the health check after deploying. Would be nice if it keeps running the health check after failure.)
Please or to participate in this conversation.