I just moved one of my websites to https, using Letsencrypt.
I am using Linux, and my Chromium correctly verifies website certificate, but Firefox shows it as invalid. I also have an API on the website, and using a simple PHP script (with curl) to test API also gives invalid certificate error.
I tried downloading curl certificate bundle, and giving it to my PHP script. No luck, as I have found the provided bundle is generated from Mozilla.
The question is, is Letsencrypt really OK to use? Any sources to find more information about this? I don't want my users to see the ugly browser page, saying website is not secure, because I have online payment in website and it really hurts business.
UPDATE: Here is my sample Apache configuration:
SSLEngine on
SSLCertificateFile "/etc/letsencrypt/live/example.com/fullchain.pem"
SSLCertificateKeyFile "/etc/letsencrypt/live/example.com/privkey.pem"
And just to mention, I am running CentOS 7 with Apache 2.4.
UPDATE2: I just found that my Android phone also treats website as invalid. HTC M8, both Chrome and Firefox give invalid certificate. Phone is updated (Android 6).
I just suspect the configuration is maybe wrong somehow, but why Chromium on my PC gives a green light?