ERR_CERT_AUTHORITY_INVALID but SSL labs award an A+

I am using HSTS.

According to SSL Labs the site achieves an A+ grade.

However, when I try to connect using Android Chrome or Android web browser, I receive the dreaded message:

Your connection is not private 

...

NET:ERR_CERT_AUTHORITY_INVALID

Which locks me out of the site.

I am really confused!

Update:

After several ‘reload’ efforts, it started working. Is this OK, until the next time I stop and start the server after an update?

My settings are the following:

SECURE_HSTS_SECONDS = 31536000
SECURE_HSTS_INCLUDE_SUBDOMAINS = True

Hi @raratiru,

I’ve tested your site on Android (Chrome, Firefox, Opera and Boat Browser) and all is correct, I connect to your https site without any error or warning.

One thing that you should review is that you are serving the Let’s Encrypt intermediate certificate twice and you should only serve it once.

Right now:

$ echo | openssl s_client -connect rara.gr:443 -servername rara.gr 2>/dev/null | awk '/Certificate chain/,/---/'
Certificate chain
 0 s:/CN=rara.gr
   i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
 1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
   i:/O=Digital Signature Trust Co./CN=DST Root CA X3
 2 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
   i:/O=Digital Signature Trust Co./CN=DST Root CA X3
---

and it should return this result:

$ echo | openssl s_client -connect rara.gr:443 -servername rara.gr 2>/dev/null | awk '/Certificate chain/,/---/'
Certificate chain
 0 s:/CN=rara.gr
   i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
 1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
   i:/O=Digital Signature Trust Co./CN=DST Root CA X3
---

Cheers,
sahsanu

4 Likes

You probably have configured both fullchain.pem and chain.pem together with your server. You should instead use cert.pem and chain.pem if your server requires the certificate chain provided separately, or else you should use only fullchain.pem by itself.

2 Likes

Thank you indeed, this is the case: The certificate is served twice.

I am not in my box now, but it is very possible I am using fullchain.pem and chain.pem together.

I remember trying to find a way that both www and non-www versions of my domain are valid and this was the combination of files that made it possible.

Apparently, this was not the most scientific and accurate approach and I have to revise it. Should I also ask my provider for some info on how it is expected to achieve that with their configuration?

As a good rule of thumb: If there are two boxes to put things in, put cert.pem in the first one and chain.pem in the second one. If there is only one box, put fullchain.pem in it.

If you were to look inside a copy of these files, you’d find that fullchain.pem is just the contents of cert.pem, followed immediately by the contents of chain.pem - it’s the same information but presented as a single file.

But, although the current configuration is not correct, and can in some rare circumstances break things, it will not matter to the vast majority of ordinary visitors to the site. So if you fear that trying to fix it will be too difficult, simply don’t worry about it.

3 Likes
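The two points made above (an intermediate served twice shows up as a repeated entry in the `openssl s_client` chain listing, and fullchain.pem is simply cert.pem followed by chain.pem) can both be checked mechanically. The script below is an added example, not code from the thread or from Let's Encrypt; it uses only the Python standard library and compares the raw DER bytes of each PEM block, so it works unchanged on a real chain saved from `openssl s_client -showcerts`. The certificate bodies and the `served_chain` model of a "Certificate" box plus an "Intermediates/bundle" box are constructed placeholders for illustration.

```python
"""Detect a duplicated intermediate in a served chain and verify the
fullchain.pem = cert.pem + chain.pem relationship (added example)."""
from __future__ import annotations

import base64
import hashlib
import re
import textwrap

# One CERTIFICATE block per match; the group holds the base64 body.
PEM_BLOCK = re.compile(
    r"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", re.S)


def parse_pem_bundle(text: str) -> list[bytes]:
    """Return the DER bytes of every CERTIFICATE block, in the order served."""
    return [base64.b64decode("".join(body.split()))
            for body in PEM_BLOCK.findall(text)]


def sha256_fingerprint(der: bytes) -> str:
    """Hex SHA-256 of the DER encoding, the same value `openssl x509
    -fingerprint -sha256` prints (without the colons)."""
    return hashlib.sha256(der).hexdigest()


def find_duplicates(chain_pem: str) -> list[tuple[int, int]]:
    """(first_index, repeat_index) for every certificate that appears more
    than once. Indices start at 0, matching the numbering in the
    'Certificate chain' section of `openssl s_client` output."""
    first_seen: dict[str, int] = {}
    dupes: list[tuple[int, int]] = []
    for idx, der in enumerate(parse_pem_bundle(chain_pem)):
        fp = sha256_fingerprint(der)
        if fp in first_seen:
            dupes.append((first_seen[fp], idx))
        else:
            first_seen[fp] = idx
    return dupes


def is_fullchain_of(fullchain_pem: str, cert_pem: str, chain_pem: str) -> bool:
    """True when fullchain is exactly the certs of cert.pem then chain.pem."""
    return (parse_pem_bundle(fullchain_pem)
            == parse_pem_bundle(cert_pem) + parse_pem_bundle(chain_pem))


def served_chain(certificate_box: str, intermediates_box: str = "") -> str:
    """Model (an assumption, not a real panel) of a hosting control panel:
    the server sends the certs in the 'Certificate' box first, then the
    certs in the 'Intermediates/bundle' box."""
    return certificate_box + "\n" + intermediates_box


def constructed_pem(label: str) -> str:
    """Build a PEM block around constructed bytes. NOT a real X.509
    certificate; the checks above only look at the bytes, so this is
    enough to exercise them offline."""
    der = f"constructed placeholder for {label}, not a real certificate".encode()
    b64 = base64.b64encode(der).decode()
    return ("-----BEGIN CERTIFICATE-----\n"
            + "\n".join(textwrap.wrap(b64, 64))
            + "\n-----END CERTIFICATE-----\n")


# Constructed stand-ins for the three files certbot writes.
CERT_PEM = constructed_pem("leaf rara.gr")
CHAIN_PEM = constructed_pem("Let's Encrypt Authority X3 intermediate")
FULLCHAIN_PEM = CERT_PEM + CHAIN_PEM  # how certbot assembles fullchain.pem


if __name__ == "__main__":
    # The misconfiguration from the thread: fullchain in the first box,
    # chain in the second, so entry 2 repeats entry 1.
    print("fullchain + chain:", find_duplicates(served_chain(FULLCHAIN_PEM, CHAIN_PEM)))
    # The two correct layouts from the rule of thumb.
    print("cert + chain:     ", find_duplicates(served_chain(CERT_PEM, CHAIN_PEM)))
    print("fullchain alone:  ", find_duplicates(served_chain(FULLCHAIN_PEM)))
    print("fullchain == cert + chain:", is_fullchain_of(FULLCHAIN_PEM, CERT_PEM, CHAIN_PEM))
```

To run it against a live site, save the output of `echo | openssl s_client -connect host:443 -servername host -showcerts` to a file and pass its contents to `find_duplicates`; a non-empty result with `(1, 2)` is exactly the three-entry chain shown earlier in this thread. Duplicates waste a few hundred bytes per handshake and can confuse strict chain builders, which is why the fix is worth making even though most browsers tolerate it.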

Update:

I changed the configuration as follows:

Certificate: fullchain.cer

Private Key: my-site.key

Intermediates/bundle: empty

The command line still returns 2 certificates,


OK, thank you!

I updated my configuration. These are the files I used for each entry in the relevant panel of webfaction.

Certificate: my-site.cer

Private Key: my-site.key

Intermediates/bundle: ca.cer

Although it seems to be working, I still receive the following:

echo | openssl s_client -connect rara.gr:443 -servername rara.gr 2>/dev/null | awk '/Certificate chain/,/---/'
Certificate chain
 0 s:/CN=rara.gr
   i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
 1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
   i:/O=Digital Signature Trust Co./CN=DST Root CA X3
 2 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
   i:/O=Digital Signature Trust Co./CN=DST Root CA X3
---

Hi @raratiru,

Are you sure you made the same change for rara.gr? Because www.rara.gr is working fine:

$ echo | openssl s_client -connect rara.gr:443 -servername www.rara.gr 2>/dev/null | awk '/Certificate chain/,/---/' 
Certificate chain
 0 s:/CN=rara.gr
   i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
 1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
   i:/O=Digital Signature Trust Co./CN=DST Root CA X3
---

But as I said, rara.gr shows the extra cert:

$ echo | openssl s_client -connect rara.gr:443 -servername rara.gr 2>/dev/null | awk '/Certificate chain/,/---/'
Certificate chain
 0 s:/CN=rara.gr
   i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
 1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
   i:/O=Digital Signature Trust Co./CN=DST Root CA X3
 2 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
   i:/O=Digital Signature Trust Co./CN=DST Root CA X3
---

Review the cert used by rara.gr so that it uses the same one as www.rara.gr.

Cheers,
sahsanu

3 Likes

Yes I forgot to change it and I just copied the code from above. :crazy_face:

Now it works great. Thank you indeed!

3 Likes
