I cannot use a url I have set up with my iOS app, my NSURL session connects without issue when I point it to an https site with a digicert provided cert but my lets-encrypt https domain gives an error unless I tinker with the ATS settings, is there a work around for this ?
The error in my case is (kCFStreamErrorDomainSSL, -9813)
Make sure you are serving the intermediate certificate (e.g. fullchain.pem). You can verify this with SSL Labs. Some googling suggests this error is related to untrusted certificate chains, which would be consistent with a missing intermediate certificate.
Thank you, that was exactly the problem, my nginx.conf was misconfigured
I had :
ssl_certificate /etc/letsencrypt/live/domainname.com/chain.pem;
When it should have been :
ssl_certificate /etc/letsencrypt/live/domainname.com/fullchain.pem;