What is the correct fix to prevent end users from seeing an SSL trust error when connecting to a web server through a load balancer?

SSL trust errors in this scenario come from an incomplete certificate chain. When a client connects to a server (or through a load balancer), it validates the server’s certificate by building a chain up to a trusted root CA. If intermediate certificates are not provided, the chain can’t be completed, and the client warns about trust. The fix is to ensure the server certificate is linked to its intermediate and root certificates by delivering the full certificate chain to clients (usually via the load balancer, as a single certificate bundle). With the complete chain presented, clients can validate up to a trusted root and the SSL warning disappears. The other options don’t address the chain issue: the private key isn’t about trust, the public key alone isn’t sufficient for trust, and installing the server certificate on client devices isn’t how TLS trust works.