Hi, we have an internal ACME instance which is issuing internal certificates. This is done within our own root CA which is not found in the certbot trust store. I have solved this by appending the root cert to "certify" package for windows but I am still searching for the trust store in the ubuntu client? Any hints? Ignoring the SSL verification at all is not an option for me.
I have already added the CA to the OS and s_client is reporting success:
root@myhost:~# openssl s_client -connect acme.intranet.com:443 -CApath /etc/ssl/certs/|grep Verification
Verification: OK