Make sure you’re also sending the whole trust chain (the intermediate certificates) on the responses. That would be chain.pem (just the intermediates) or fullchain.pem (your cert plus the intermediates). For Apache, I’d use the chain.pem file with the directive “SSLCertificateChainFile” like so:
SSLCertificateChainFile "/etc/letsencrypt/live/DOMAIN/chain.pem"