IOS Native Support

Please fill out the fields below so we can help you better.

My domain

I ran this command:

It produced this output: Worked as expected from Safari . Failed in my IOS APP (ran through XCODE)

My web server is (include version):LINODE

The operating system my web server runs on is (include version):Ubuntu 16.04

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):no

Your site isn’t publicly reachable, so I was unable to confirm this, but issues like this are typically due to missing intermediate (chain) certificates. Intermediate certificates help HTTP clients build a trust chain back to a trusted root certificate. Browsers like Safari tend to cache these from other sites you visited, or might even be able to fetch them automatically, but other HTTP clients often don’t to anything like that.

You can verify this using openssl with something like this:
/usr/local/opt/libressl/bin/openssl s_client -connect -showcerts | grep "s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3"

If grep doesn’t find that string, you’re not sending the intermediate certificate.

The remediation steps depend on your web server and the ACME client you used. If you use certbot, make sure that you use either fullchain.pem somewhere in your web server confiugration, or both cert.pem and chain.pem. You can get instructions for your web server (and its exact version - there are differences with apache, for example) using Mozilla’s SSL Configuration Generator. If you can (temporarily) open your web server to the public and use port 443, SSL Labs will also be able to point out various possible configuration issues.

If none of this helps, is there a way for you to get more detailed logs/a stack trace from your app?

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.