problem: ubuntu 14.04.6 > certbot gets an error, when connecting >> ssl error (this happend, after letsencrypt itself renewed their ssl root certificates)

openssl s_client -servername acme-staging-v02.api.letsencrypt.org -connect acme-staging-v02.api.letsencrypt.org:443
verify error:num=20:unable to get local issuer certificate


#get root + intermediate certificate via webbroweser and store them in crt files > put them to the linux machine
root@LaboProdApp01:/usr/local/share/ca-certificates# ls
letsencrypt-inter-r3.crt letsencrypt-isrg-root-x1.crt

#run command
update-ca-certificates

Running hooks in /etc/ca-certificates/update.d....
Adding debian:letsencrypt-inter-r3.pem
Adding debian:letsencrypt-isrg-root-x1.pem


>>> creates a "big" /etc/ssl/certs/ca-certificates.crt files that is used be the openssl tools

computer2know :: thank you for your visit :: have a nice day :: © 2022