SSL Issues from mobile phones

[Wickd]

Hello everyone,

I'm having an issue with my SSL certificate (Issued from Let's Encrypt).The problem is people coming to the website from mobile phones get "unsafe error" while on the desktop it works without any problems.I'm assuming the problem is within the certificate?

*UPDATE Confirmed the issue is often on google search click and iOS devices

Here's the report coming from ssllabs.
Site link :

You must be registered for see links

You must be registered for see links

If anyone could point me into the right direction that'd be much appreciated.

 

[Funeh]

Weird, it's secure for me on PC and Mobile(iphone).

Could it possibly be your internet provider?

 

[Wickd]

Weird, it's secure for me on PC and Mobile(iphone).

Thank you for your reply.It seems the issue starts from google search and mostly on iOS devices.

 

[Shxrty]

Try clearing your Cache/Purging the Cache for the Safari app in your settings, then try loading your site with https:// in front of it.

 

[Macemore]

You're probably not getting redirected to www.yourwebsite.com on IOS judging by your certificate CN=

You must be registered for see links

, ask for another certificate and seperate via commans your "multiple" domains (this being beehost.rs and www.beehost.rs).


The reason this happens is because www. was to tell the system to connect to the world wide web, back when the internet was actually intranet. This old bullshit has continued to today and thus you must assume clients may connect by

You must be registered for see links

AND beehost.rs, fortunately for most browsers they usually default to that, unless the subdomain doesn't exist in the DNS records. This also varies between browsers and browser versions.

Post automatically merged: Jan 21, 2021

Upon further analysis it appears your content management system is actually trying to account for this by forwarding us manually to the www. subdomain (see GIF), so whatever plugin is doing that or if its just built in I'd raise a bug flag with the creator of either. Clearly not working on your client, also its still best practice to SSL www. of all domains planning on accepting browser based traffic. This would fix the issue regardless of the bug in your code, too.

You must be registered for see links

 

[Wickd]

You're probably not getting redirected to www.yourwebsite.com on IOS judging by your certificate CN=

You must be registered for see links

, ask for another certificate and seperate via commans your "multiple" domains (this being beehost.rs and www.beehost.rs).


The reason this happens is because www. was to tell the system to connect to the world wide web, back when the internet was actually intranet. This old bullshit has continued to today and thus you must assume clients may connect by

You must be registered for see links

AND beehost.rs, fortunately for most browsers they usually default to that, unless the subdomain doesn't exist in the DNS records. This also varies between browsers and browser versions.

Post automatically merged: Jan 21, 2021

Upon further analysis it appears your content management system is actually trying to account for this by forwarding us manually to the www. subdomain (see GIF), so whatever plugin is doing that or if its just built in I'd raise a bug flag with the creator of either. Clearly not working on your client, also its still best practice to SSL www. of all domains planning on accepting browser based traffic. This would fix the issue regardless of the bug in your code, too.

You must be registered for see links

Thank you Mace you're 100% right and this fixed the issue.
*EDIT For anyone having the same issue i did what Macemore recommended which was getting a new SSL that covers www.