 

SSL Certificate not trusted

Having an issue with my SSL certificate. Often it seems to work fine, but sometimes the user's browser throws up a warning that it is not trusted.

I know very little about SSL certificates, but here is some information that may or may not be relevant:

  • URL: demo.EnterpriseJazz.com
  • It is a wildcard certificate because the application uses subdomains (one subdomain per registered organization, for example BobsLawnCare.EnterpriseJazz.com).
  • The certificate was cheap for a wildcard certificate; I paid around $50 for it if I remember correctly. I believe I got it from a cheap reseller.
  • The server is located in my house on a Verizon FIOS business internet connection. It is not in a data center.

Seems to work fine with:

  • Safari on my new MacBook Pro
  • Chrome on my new MacBook Pro
  • Firefox on my Windows machine
  • Microsoft Edge on my Windows machine
  • Internet Explorer on my Windows machine
  • Opera on my Windows machine
  • Firefox on my Linux machine (CentOS)

Not trusted with:

  • Chrome on my iPhone 6s
  • Safari on my iPhone 6s (screenshots below)

Chris Dutrow asked Sep 05 '25 17:09


1 Answer

Have a look at the SSLLabs report for this site. Apart from a shockingly insecure setup, you will notice:

This server's certificate chain is incomplete.

This means that the client does not have enough information to build the trust path to the root certificate and thus cannot accept the certificate as trusted.

However, a desktop browser will attempt to work around such setup problems by trying to fill in the missing chain certificates, i.e. downloading these from the web or using cached certificates from earlier connections to other clients. But apart from the desktop browsers, most other clients will not do this and thus fail.

Steffen Ullrich answered Sep 07 '25 07:09
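
The incomplete-chain failure described in the answer above can be reproduced offline with `openssl verify`. This is an added example, not part of the original posts; the throwaway PKI (root, intermediate, wildcard leaf for the constructed name `*.example.test`) and the function names are assumptions made for the demo.

```shell
#!/usr/bin/env bash
# Added example. Every certificate, name and file here is constructed locally.

# Build a throwaway PKI in directory $1: root CA -> intermediate CA -> wildcard leaf.
build_demo_pki() {
  d=$1
  printf 'basicConstraints=critical,CA:TRUE\n' > "$d/ca.ext"
  printf 'subjectAltName=DNS:*.example.test\n' > "$d/leaf.ext"
  for n in root inter leaf; do
    openssl req -new -newkey rsa:2048 -nodes -keyout "$d/$n.key" \
      -subj "/CN=demo-$n" -out "$d/$n.csr" 2>/dev/null || return 1
  done
  # Self-signed root (the only certificate the client trusts in advance).
  openssl x509 -req -in "$d/root.csr" -signkey "$d/root.key" -days 2 \
    -extfile "$d/ca.ext" -out "$d/root.pem" 2>/dev/null || return 1
  # Intermediate CA, signed by the root.
  openssl x509 -req -in "$d/inter.csr" -CA "$d/root.pem" -CAkey "$d/root.key" \
    -set_serial 2 -days 2 -extfile "$d/ca.ext" -out "$d/inter.pem" 2>/dev/null || return 1
  # Wildcard leaf, signed by the intermediate (not by the root).
  openssl x509 -req -in "$d/leaf.csr" -CA "$d/inter.pem" -CAkey "$d/inter.key" \
    -set_serial 3 -days 2 -extfile "$d/leaf.ext" -out "$d/leaf.pem" 2>/dev/null
}

# Print "complete" if leaf $2 plus the certificates the server sends ($3, may be
# empty) build a path to trusted root $1, else "incomplete". This models a strict
# client that neither downloads nor caches missing intermediates.
chain_status() {
  root=$1; leaf=$2; served=${3:-}
  if openssl verify -CAfile "$root" ${served:+-untrusted "$served"} "$leaf" >/dev/null 2>&1
  then echo complete; else echo incomplete; fi
}

demo() {
  d=$(mktemp -d) || return 1
  build_demo_pki "$d" || { rm -rf "$d"; return 1; }
  echo "server sends leaf only:           $(chain_status "$d/root.pem" "$d/leaf.pem")"
  echo "server sends leaf + intermediate: $(chain_status "$d/root.pem" "$d/leaf.pem" "$d/inter.pem")"
  rm -rf "$d"
}
demo
```

Against a live server, the certificates actually sent can be listed with `openssl s_client -connect host:443 -showcerts` and compared with what the chain needs.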