Just fixed SSL intermediate cert issues and removed vulnerable cipher protocols. Hooray! We got an A!
This came about because the iOS/Android facebook app was rejecting links to the site due to the fact that the facebook in app browser doesn’t have the capability to download external intermediate CA certs. So after some digging I added in the intermediate certs and adjusted the accepted ciphers.