When our site sends emails to users that fill-out our contact form, the images don't show on iPhones running iOS 15+ Mail app. They show in the Gmail App, and all desktop mail clients (Mail, Thunderbird, Outlook, etc.). Believe this has something to do with configuration for iOS to recognize the valid cert and would love a tutorial or explanation as to how to do this.
Usually, email clients don't show external images at all, as that would be a privacy issue. So I'm kinda surprised you're saying most email clients do show the images? Which is kinda weird..
Users can block external images with Privacy Protection on their iPhones (Settings --> Mail --> Privacy Protection), but generally all images in newsletters, HTML mailers, Email signatures, etc., will show. The only ones that seem to be missing on the iPhones running iOS 15+ that I've attempted are those with SSL provided by LetsEncrypt.
For example, fill out the contact form on the site I posted (above) and you'll receive an auto-reply. If you're on iOS 15 in the Mail App on an iPhone, the images will be missing/broken. But if you open it on any Android device, or in the Gmail app on iPhone, the images show correctly.
To me, that suggests the images are added to the email inline, as no modern email client would do that as far as I know (Thunderbird, Outlook, K9).
Also, the only thing I can think of if the images are sourced from a website (which is a privacy issue and not recommended), is that the failing system(s) don't have the ISRG Root X1 root certificate in their root store. But you're saying iOS 15+ has issues, which suggests 14 and lower are fine? Which is weird if it's a root cert issue.
Everything you said makes complete sense. Thanks, Osiris.
Based on your advice, I'm checking the PHP Mailer to see why (or if) the images are being embedded incorrectly. Just to help others that may be experiencing the same issues, I'll report back and post my findings.
I think in order to best assist you, you should post the URL here of a specific image that isn't showing up in some users' devices. (If the image is actually embedded in the email as @Osiris reasonably suggests based on what you've said, I'm not sure how it could be related to a Let's Encrypt certificate?)
This screenshot shows the images that are in my signature that start with HTTPS:// and the image at the top of the contact form that starts with HTTPS://.
The remaining images at the bottom of the screenshot are included into PHPMailer using HTTP:// and are visible in Mail App on iOS 15+
The screenshot shows the email went into the JUNK folder.
Most email clients won't show any images for emails in the JUNK folder.
[some (like mine) won't ever show me any images at all - unless I ask it to (per individual email)]
Phones are not very good tools for troubleshooting.
HTTPS and HTTP on the same page/rendering is usually seen as "mixed content" and shun upon.
Try changing the HTTP links to HTTPS.
Yeah, that's a red herring. I screenshotted before I moved it and they were identical, but you can see the images showing below to see the non-SSL ones. I initially had all images as HTTPS and was gradually switching them over to HTTP as they were beginning to show, but I decided it was probably not the best way to go as I want all served content to be secure.
If I un-munged your URL correctly (I'm not completely sure I did), it looks like it's using a cPanel CA certificate rather than Let's Encrypt, but regardless I don't see any obvious SSL issues with the server that would prevent any half-recent client from connecting.
Yes, while reaching out for assistance, here, my host (LiquidWeb) recommended I try swapping the AutoSSL provider from LetsEncrypt to cPanel's Sectigo.
But I believe you're right that the issue doesn't have anything to do with LetsEncrypt.