Problem: Connections (as a client) to let's encryted domains from UCS not trusted


With UCS 4.4-8 errata 1057 an below access of Let’s Encrypt signed sites is not possible since 2021-10-01 as the certificate is not trusted.
You can test it by using tool like curl or wget.

root@dc1:~# curl
curl: (60) SSL certificate problem: certificate has expired


Please install errata 1059 and 1060 that will fix the problem.

In some cases you need to remove the old R3-certificate and refresh ca certs:

rm /usr/local/share/ca-certificates/lets-encrypt-r3.crt
update-ca-certificates  --fresh

Maybe it also needs a refresh for lets encrypt


Search tags: letsencrypt

1 Like