Use fullchain ssl certificate

backend.conf.j2

@@ -9,7 +9,7 @@ server {
     listen 443 ssl http2;
     listen [::]:443 ssl http2;
 
-    ssl_certificate /etc/letsencrypt/live/{{ domain }}/cert.pem;
+    ssl_certificate /etc/letsencrypt/live/{{ domain }}/fullchain.pem;
     ssl_certificate_key /etc/letsencrypt/live/{{ domain }}/privkey.pem;
     ssl_session_timeout 30m;
     ssl_session_cache shared:SSL:20m;
@@ -32,7 +32,7 @@ server {
     ssl_stapling_verify on;
 
     ## verify chain of trust of OCSP response using Root CA and Intermediate certs
-    ssl_trusted_certificate /etc/letsencrypt/live/{{ domain }}/chain.pem;
+    ssl_trusted_certificate /etc/letsencrypt/live/{{ domain }}/fullchain.pem;
 
     resolver 8.8.8.8 8.8.4.4 208.67.222.222 208.67.220.220 valid=300s;