Hi there,
I have a rather odd problem where Firefox (desktop Linux and Android) and Chromium accept the Let’s Encrypt SSL certificate associated with my Nextcloud subdomain, but every client I’ve tested (Desktop Linux, Android, ownCloud Notes, own Note ) all refuse to recognize the certificate with various error messages:
ownCloud News for Android says: “Trust anchor for certification path not found”
Nextcloud desktop says: “The issuer certificate of a locally looked up certificate could not be found
No certificates could be verified”
Nextcloud Android says: “The server certificate is not trusted”
I’ve confirmed the certificate fingerprints are the same in all cases, yet the browsers all accept it and the apps all reject it (even when two are on the same device, eg FIrefox for Android and Nextcloud Android app).
OK, I got it figured out. I was installing the certificate/key manually, and it turned out that I used cert.pem that CertBot generates where I should have been using fullchain.pem instead. I fixed that, restarted nginx and now everything works perfectly on all clients.
Thanks for your help @Andy / @Andrew_Middleton and hopefully this post helps someone else out in the future.