Problem: SSL Certificate Error in System Diagnostic

ssl
certificates
problem

#1

Kudos @Moritz_Bunkus

Problem

In system diagnostic you see an error about an invalid certificate after you have installed external certificates based on this article.
grafik

Solution

Step 1

Verify the error is related to an intermediate certificate not being installed
openssl verify /etc/myssl/cert.pem

The expected output in case of a missing intermediate certificate should look similar to the following:

error 20 at 0 depth lookup: unable to get local issuer certificate
error /etc/myssl/cert.pem: verification failed

Step 2

If this is the case, install the missing certificate by:

Step 2A:

Copy the intermediate CA’s certificate to /usr/local/share/ca-certificates . Note that it must be encoded in PEM (not DER), and that the file name’s extension must be .crt and not .pem .

Step 2B:

Execute the command update-ca-certificates as user root .


#2