Hi, I have generated a new certificate for the domain app.werecruit.io and this certificate is not trusted by the services that need to connect to our app. I see on this tool that the certificate is correctly installed https://www.sslshopper.com/ssl-checker.html#hostname=app.werecruit.io, but can fail to be trusted on some browser. And for example, the mandrill inbound email webhook call return this error: Error: SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed.
When you configure your webserver with an SSL certificate, you need to use the full certificate chain (sometimes called fullchain.pem, or created by concatenating your certificate with cabundle.pem).
Right now, your web server is only configured with your certificate, but the chain/bundle is missing. This will result in some clients receiving certificate trust errors.
How did you get your certificate originally? All the files you need would have been given to you then.