curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn't adequate, you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.
Thanks. curl/acme.sh can't communicate with Let's Encrypt, because your operating system and its packages are too out-of-date.
The preferred option is going to be to upgrade to a maintained version of SLES.
You could also try the workaround I posted here, keeping in mind that those instructions are for Ubuntu and may need to be adjusted for SLES. It's possible also that the instructions won't work, if the problem is the age of your OpenSSL package.
Anyone know how to get acme.sh to use curl with a -k option so I can get this certificate renewed and fight the update later after that? Browsers are now not allowing easy access without a valid certificate. I agree that needs to happen but was not I fight I need to do now.