Timeline for Let's Encrypt Certs Fail "openssl verify" Verification
Current License: CC BY-SA 4.0
5 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Sep 2, 2022 at 0:37 | comment | added | F1Linux | @SteffenUllrich: Thanks for your feedback! I'd have been unaware my command succeeded for all the wrong reasons if you hadn't have clocked it; thanks bud- | |
| Sep 2, 2022 at 0:34 | history | edited | F1Linux | CC BY-SA 4.0 | Incorporated the feedback from @steffenullrich to fix erroneous parts and expand on other parts. |
| Sep 1, 2022 at 17:17 | comment | added | Steffen Ullrich | The explanation is wrong. DST Root CA X3 is obsolete, instead ISRG X1 is used as root directly. The signing by DST Root CA X3 is only for compatibility with older systems, i.e. it is cross-signed with the previous root. The claimed fix with "isrg-root-ocsp-x1.pem" is not a fix at all, this certificate is useless here. The actual fix in your line was adding chain.pem with -untrusted, which you did not do in your original test. | |
| Sep 1, 2022 at 16:45 | history | edited | F1Linux | CC BY-SA 4.0 | small grammatical errors |
| Sep 1, 2022 at 16:39 | history | answered | F1Linux | CC BY-SA 4.0 |