Certain clients started to fail after certificate renewal, while others didn't

Help
1

Hello

Something too subtle for me happened on 10/06/2021 when I renewed my certificate. Apparently everything went as expected. Browsers can access in a secure way.

My site is reached by many different modules with their libraries such ESP01, NodeMCU, ESP32... Most of them work fine, but in the particular case, for the ESP01, that uses the ESP8266 it started to fail.

I can assert that is something back-end related, as all this model started to fail since certificate renewal for different users. They suffered no updates or reboots and were automatically working for years in some cases.

So my guess is that something has changed in the way certificates are made lately as the renewal process didn't give me problems in the last years. But no idea.

I can point that trying exactly the same device, with the same library and firmware, but pointing to "www.google.com" instead of "circusofthings.com" works well.

When googling why works with some URLs while not with others, it get that this vendor is not supporting SNI feature... maybe it has something to see with some change with certbot?

Thanks in advance

My domain is: circusofthings.com

I ran this command:
sudo certbot certonly --force-renew -d circusofthings.com -d www.circusofthings.com
(option 3)
openssl pkcs12 -export -out /a/path/cot.pfx -inkey /etc/letsencrypt/live/circusofthings.com/privkey.pem -in /etc/letsencrypt/live/circusofthings.com/cert.pem -certfile

It produced this output:
(All succeceeded)

My web server is (include version): Tomcat 7.0.52.0

The operating system my web server runs on is (include version): Ubuntu Server 16.04

My hosting provider, if applicable, is: hostinet.es

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

1 Like
2

I'm allergic to cats...

I think the problem is that the chain is either missing/incomplete and required by Tomcat within the pkcs12 file.
OR
The R3 intermediate cert isn't in your ca-certificates file (default trusted root store).
OR
Both.

2 Likes
3

And unless you haven't yet been notified:

Per: EOL - Community Help Wiki
Support for that version expired more than two years ago.
If you can't upgrade the version, you should really consider putting the Tomcat behind a (newer) proxy.

2 Likes
4

My bad... Ubuntu version actually is 16.04, sorry.

5

About your kind suggestions, I'm not sure how to check it. I also wonder if it makes sense that fails for some clients but not for another ones.

1 Like
6

Welcome Back to the Let's Encrypt Community, Jaume :slightly_smiling_face:

There was recently a major change to the certificate chain issued by Let's Encrypt:

2 Likes
7

You should avoid using this parameter like you should avoid eating birthday cake baked in a nuclear reactor. It never ends well.

(Besides, the correct parameter is --force-renewal. I have no idea how you didn't get a syntax error.)

2 Likes
8

Hi, Griffin, thanks for your hints.
I'm astonished to know that we can't have any more nuclear cakes, kids looked so cool with that glowing aura :frowning:
Still your link is so complicated to me. Not sure if I can have any chance to find a workaround that works for all. The info is giving detail of what is behind the scenes, but not sure on how to test the different types... if possible.

2 Likes
9

Try:
sudo apt install ca-certificates

2 Likes
10

Sadly, it didn't make any difference.

1 Like
11

hmm...
Then I would try using the chain.pem file instead of cert.pem:
openssl pkcs12 -export -out /a/path/cot.pfx \
-inkey /etc/letsencrypt/live/circusofthings.com/privkey.pem \
-in /etc/letsencrypt/live/circusofthings.com/chain.pem -certfile

1 Like
12

That turns in a bad syntactic usage of the command. Removing "-certfile" option responds with "No certificate matches private key"

1 Like
13

Sorry, that should be fullchain.pem.
openssl pkcs12 -export -out /a/path/cot.pfx \
-inkey /etc/letsencrypt/live/circusofthings.com/privkey.pem \
-in /etc/letsencrypt/live/circusofthings.com/fullchain.pem -certfile

1 Like
14

Now the command succeeded (without "-certfile")... but I still have the original issue.

1 Like
15

Please show the fullchain.pem file.
OR the chain.pem file.

1 Like
16 
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAwuQMCi+zNKWrUsmCyhFrJq8MA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMTA3MjAxMzA3MzJaFw0yMTEwMTgxMzA3MzBaMB0xGzAZBgNVBAMT
EmNpcmN1c29mdGhpbmdzLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANqPWA671dEIKciFazQHMfC5H/wey7XhCOL8jHzy9jiNRoXkoW+AeEs8Kl8G
JsMfp84Hzet1qa2gUzPmACx0w+spOj4IWobOlHnTM6gVH+32YTToPUaDVZ670MfR
E8fk8ePlqjAQhuRtTRWBBlvLZulJ1ia+BSETqU4i5YeHD8+pxuH/gKOOe5wCc+Ya
PJi6D8QICiUct0YLXpHLsxdAcPsSCB8/bEbCkt4Nqylwyy9EFO8ypx/RpktnU3rT
OtZFdoQ7+WgfUxOJsemb6cdWufi3NBAaSMmKvQ3d31IOvZ6wkbVyK5YRY2/CsyBt
pK6aveCUFvyy+59WsnL3k581eAUCAwEAAaOCAmUwggJhMA4GA1UdDwEB/wQEAwIF
oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAd
BgNVHQ4EFgQUEtm5G6jy4pOgkDYUJKUYwz2Oa+8wHwYDVR0jBBgwFoAUFC6zF7dY
VsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRw
Oi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNy
Lm9yZy8wNQYDVR0RBC4wLIISY2lyY3Vzb2Z0aGluZ3MuY29tghZ3d3cuY2lyY3Vz
b2Z0aGluZ3MuY29tMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEB
MCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBAYK
KwYBBAHWeQIEAgSB9QSB8gDwAHcAlCC8Ho7VjWyIcx+CiyIsDdHaTV5sT5Q9YdtO
L1hNosIAAAF6xD5DDwAABAMASDBGAiEAqo4fJClxbp8+RPHe434JDGswsCIRtRJU
IaF2bujC0o8CIQCJYWXLzdyuopVZC6LPX98q4oV3Q1DA10dnyNNldbn5WwB1APZc
lC/RdzAiFFQYCDCUVo7jTRMZM7/fDC8gC8xO8WTjAAABesQ+QwAAAAQDAEYwRAIg
C5oR2K34UZS1V/4jJcGrdLYkwKWuiac+deONtdVlfMcCIHtFlzxQD5SX6fhHyfdg
4SAWsE5wBuRNFPV8O+iHd0WbMA0GCSqGSIb3DQEBCwUAA4IBAQCYZWvvCHjDwwgv
8EzR56ZVWlIAZozMJyhqivd+1gvfbhwtcp0ompVOlves+GzRRyT73wH8Eg5y9PZj
/8Y2IgDWlfZnrbYVwUoOQoYJIOEguna+GuJxyhxLAWVAn3ZZ2Y7h2TTOd0TLGF+C
6sQ5eDr0ZeYAMjQIew0qbTz0NC3oPCBuONKWMhbLlOiFudvmc8ahAsx4ITYWTTE/
8fqUJU4YV1InD9DVqoLXNmf6ZPA/P8p0g0ZeYKzI/ePY9+ba1ujwlsIdOzagnK21
zBBwo4MJ1GsRLeTI45+23ePW2LgDO7x9eEVYuX3fI0fDeQ2S5ZdyRjlPzfH9oYF6
KGjduaNF
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw
WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP
R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx
sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm
NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg
Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG
/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC
AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB
Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA
FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw
AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw
Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB
gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W
PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl
ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz
CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm
lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4
avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2
yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O
yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids
hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+
HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv
MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX
nLRbwHOoq7hHwg==
-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIQQAF3ITfU6UK47naqPGQKtzANBgkqhkiG9w0BAQsFADA/
MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
DkRTVCBSb290IENBIFgzMB4XDTIxMDEyMDE5MTQwM1oXDTI0MDkzMDE4MTQwM1ow
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwggIiMA0GCSqGSIb3DQEB
AQUAA4ICDwAwggIKAoICAQCt6CRz9BQ385ueK1coHIe+3LffOJCMbjzmV6B493XC
ov71am72AE8o295ohmxEk7axY/0UEmu/H9LqMZshftEzPLpI9d1537O4/xLxIZpL
wYqGcWlKZmZsj348cL+tKSIG8+TA5oCu4kuPt5l+lAOf00eXfJlII1PoOK5PCm+D
LtFJV4yAdLbaL9A4jXsDcCEbdfIwPPqPrt3aY6vrFk/CjhFLfs8L6P+1dy70sntK
4EwSJQxwjQMpoOFTJOwT2e4ZvxCzSow/iaNhUd6shweU9GNx7C7ib1uYgeGJXDR5
bHbvO5BieebbpJovJsXQEOEO3tkQjhb7t/eo98flAgeYjzYIlefiN5YNNnWe+w5y
sR2bvAP5SQXYgd0FtCrWQemsAXaVCg/Y39W9Eh81LygXbNKYwagJZHduRze6zqxZ
Xmidf3LWicUGQSk+WT7dJvUkyRGnWqNMQB9GoZm1pzpRboY7nn1ypxIFeFntPlF4
FQsDj43QLwWyPntKHEtzBRL8xurgUBN8Q5N0s8p0544fAQjQMNRbcTa0B7rBMDBc
SLeCO5imfWCKoqMpgsy6vYMEG6KDA0Gh1gXxG8K28Kh8hjtGqEgqiNx2mna/H2ql
PRmP6zjzZN7IKw0KKP/32+IVQtQi0Cdd4Xn+GOdwiK1O5tmLOsbdJ1Fu/7xk9TND
TwIDAQABo4IBRjCCAUIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw
SwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5pZGVudHJ1
c3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTEp7Gkeyxx
+tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEEAYLfEwEB
ATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2VuY3J5cHQu
b3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0LmNvbS9E
U1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFHm0WeZ7tuXkAXOACIjIGlj26Ztu
MA0GCSqGSIb3DQEBCwUAA4IBAQAKcwBslm7/DlLQrt2M51oGrS+o44+/yQoDFVDC
5WxCu2+b9LRPwkSICHXM6webFGJueN7sJ7o5XPWioW5WlHAQU7G75K/QosMrAdSW
9MUgNTP52GE24HGNtLi1qoJFlcDyqSMo59ahy2cI2qBDLKobkx/J3vWraV0T9VuG
WCLKTVXkcGdtwlfFRjlBz4pYg1htmf5X6DYO8A4jqv2Il9DjXA6USbW1FzXSLr9O
he8Y4IWS6wY7bCkjCWDcRQJMEhg76fsO3txE+FiYruq9RUWhiF1myv4Q6W+CyBFC
Dfvp7OOGAN6dEOM4+qR9sdjoSYKEBpsr6GtPAQw4dy753ec5
-----END CERTIFICATE-----
1 Like
17

OK I have two test files for you to try.
[instead of using fullchain.pem]

Just save these as test1.pem & test2.pem

1 Like
18

#1:

-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAwuQMCi+zNKWrUsmCyhFrJq8MA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMTA3MjAxMzA3MzJaFw0yMTEwMTgxMzA3MzBaMB0xGzAZBgNVBAMT
EmNpcmN1c29mdGhpbmdzLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANqPWA671dEIKciFazQHMfC5H/wey7XhCOL8jHzy9jiNRoXkoW+AeEs8Kl8G
JsMfp84Hzet1qa2gUzPmACx0w+spOj4IWobOlHnTM6gVH+32YTToPUaDVZ670MfR
E8fk8ePlqjAQhuRtTRWBBlvLZulJ1ia+BSETqU4i5YeHD8+pxuH/gKOOe5wCc+Ya
PJi6D8QICiUct0YLXpHLsxdAcPsSCB8/bEbCkt4Nqylwyy9EFO8ypx/RpktnU3rT
OtZFdoQ7+WgfUxOJsemb6cdWufi3NBAaSMmKvQ3d31IOvZ6wkbVyK5YRY2/CsyBt
pK6aveCUFvyy+59WsnL3k581eAUCAwEAAaOCAmUwggJhMA4GA1UdDwEB/wQEAwIF
oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAd
BgNVHQ4EFgQUEtm5G6jy4pOgkDYUJKUYwz2Oa+8wHwYDVR0jBBgwFoAUFC6zF7dY
VsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRw
Oi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNy
Lm9yZy8wNQYDVR0RBC4wLIISY2lyY3Vzb2Z0aGluZ3MuY29tghZ3d3cuY2lyY3Vz
b2Z0aGluZ3MuY29tMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEB
MCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBAYK
KwYBBAHWeQIEAgSB9QSB8gDwAHcAlCC8Ho7VjWyIcx+CiyIsDdHaTV5sT5Q9YdtO
L1hNosIAAAF6xD5DDwAABAMASDBGAiEAqo4fJClxbp8+RPHe434JDGswsCIRtRJU
IaF2bujC0o8CIQCJYWXLzdyuopVZC6LPX98q4oV3Q1DA10dnyNNldbn5WwB1APZc
lC/RdzAiFFQYCDCUVo7jTRMZM7/fDC8gC8xO8WTjAAABesQ+QwAAAAQDAEYwRAIg
C5oR2K34UZS1V/4jJcGrdLYkwKWuiac+deONtdVlfMcCIHtFlzxQD5SX6fhHyfdg
4SAWsE5wBuRNFPV8O+iHd0WbMA0GCSqGSIb3DQEBCwUAA4IBAQCYZWvvCHjDwwgv
8EzR56ZVWlIAZozMJyhqivd+1gvfbhwtcp0ompVOlves+GzRRyT73wH8Eg5y9PZj
/8Y2IgDWlfZnrbYVwUoOQoYJIOEguna+GuJxyhxLAWVAn3ZZ2Y7h2TTOd0TLGF+C
6sQ5eDr0ZeYAMjQIew0qbTz0NC3oPCBuONKWMhbLlOiFudvmc8ahAsx4ITYWTTE/
8fqUJU4YV1InD9DVqoLXNmf6ZPA/P8p0g0ZeYKzI/ePY9+ba1ujwlsIdOzagnK21
zBBwo4MJ1GsRLeTI45+23ePW2LgDO7x9eEVYuX3fI0fDeQ2S5ZdyRjlPzfH9oYF6
KGjduaNF
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw
WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP
R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx
sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm
NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg
Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG
/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC
AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB
Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA
FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw
AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw
Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB
gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W
PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl
ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz
CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm
lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4
avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2
yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O
yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids
hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+
HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv
MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX
nLRbwHOoq7hHwg==
-----END CERTIFICATE-----
1 Like
19

#2:

-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAwuQMCi+zNKWrUsmCyhFrJq8MA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMTA3MjAxMzA3MzJaFw0yMTEwMTgxMzA3MzBaMB0xGzAZBgNVBAMT
EmNpcmN1c29mdGhpbmdzLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANqPWA671dEIKciFazQHMfC5H/wey7XhCOL8jHzy9jiNRoXkoW+AeEs8Kl8G
JsMfp84Hzet1qa2gUzPmACx0w+spOj4IWobOlHnTM6gVH+32YTToPUaDVZ670MfR
E8fk8ePlqjAQhuRtTRWBBlvLZulJ1ia+BSETqU4i5YeHD8+pxuH/gKOOe5wCc+Ya
PJi6D8QICiUct0YLXpHLsxdAcPsSCB8/bEbCkt4Nqylwyy9EFO8ypx/RpktnU3rT
OtZFdoQ7+WgfUxOJsemb6cdWufi3NBAaSMmKvQ3d31IOvZ6wkbVyK5YRY2/CsyBt
pK6aveCUFvyy+59WsnL3k581eAUCAwEAAaOCAmUwggJhMA4GA1UdDwEB/wQEAwIF
oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAd
BgNVHQ4EFgQUEtm5G6jy4pOgkDYUJKUYwz2Oa+8wHwYDVR0jBBgwFoAUFC6zF7dY
VsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRw
Oi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNy
Lm9yZy8wNQYDVR0RBC4wLIISY2lyY3Vzb2Z0aGluZ3MuY29tghZ3d3cuY2lyY3Vz
b2Z0aGluZ3MuY29tMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEB
MCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBAYK
KwYBBAHWeQIEAgSB9QSB8gDwAHcAlCC8Ho7VjWyIcx+CiyIsDdHaTV5sT5Q9YdtO
L1hNosIAAAF6xD5DDwAABAMASDBGAiEAqo4fJClxbp8+RPHe434JDGswsCIRtRJU
IaF2bujC0o8CIQCJYWXLzdyuopVZC6LPX98q4oV3Q1DA10dnyNNldbn5WwB1APZc
lC/RdzAiFFQYCDCUVo7jTRMZM7/fDC8gC8xO8WTjAAABesQ+QwAAAAQDAEYwRAIg
C5oR2K34UZS1V/4jJcGrdLYkwKWuiac+deONtdVlfMcCIHtFlzxQD5SX6fhHyfdg
4SAWsE5wBuRNFPV8O+iHd0WbMA0GCSqGSIb3DQEBCwUAA4IBAQCYZWvvCHjDwwgv
8EzR56ZVWlIAZozMJyhqivd+1gvfbhwtcp0ompVOlves+GzRRyT73wH8Eg5y9PZj
/8Y2IgDWlfZnrbYVwUoOQoYJIOEguna+GuJxyhxLAWVAn3ZZ2Y7h2TTOd0TLGF+C
6sQ5eDr0ZeYAMjQIew0qbTz0NC3oPCBuONKWMhbLlOiFudvmc8ahAsx4ITYWTTE/
8fqUJU4YV1InD9DVqoLXNmf6ZPA/P8p0g0ZeYKzI/ePY9+ba1ujwlsIdOzagnK21
zBBwo4MJ1GsRLeTI45+23ePW2LgDO7x9eEVYuX3fI0fDeQ2S5ZdyRjlPzfH9oYF6
KGjduaNF
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIQQAF3ITfU6UK47naqPGQKtzANBgkqhkiG9w0BAQsFADA/
MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
DkRTVCBSb290IENBIFgzMB4XDTIxMDEyMDE5MTQwM1oXDTI0MDkzMDE4MTQwM1ow
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwggIiMA0GCSqGSIb3DQEB
AQUAA4ICDwAwggIKAoICAQCt6CRz9BQ385ueK1coHIe+3LffOJCMbjzmV6B493XC
ov71am72AE8o295ohmxEk7axY/0UEmu/H9LqMZshftEzPLpI9d1537O4/xLxIZpL
wYqGcWlKZmZsj348cL+tKSIG8+TA5oCu4kuPt5l+lAOf00eXfJlII1PoOK5PCm+D
LtFJV4yAdLbaL9A4jXsDcCEbdfIwPPqPrt3aY6vrFk/CjhFLfs8L6P+1dy70sntK
4EwSJQxwjQMpoOFTJOwT2e4ZvxCzSow/iaNhUd6shweU9GNx7C7ib1uYgeGJXDR5
bHbvO5BieebbpJovJsXQEOEO3tkQjhb7t/eo98flAgeYjzYIlefiN5YNNnWe+w5y
sR2bvAP5SQXYgd0FtCrWQemsAXaVCg/Y39W9Eh81LygXbNKYwagJZHduRze6zqxZ
Xmidf3LWicUGQSk+WT7dJvUkyRGnWqNMQB9GoZm1pzpRboY7nn1ypxIFeFntPlF4
FQsDj43QLwWyPntKHEtzBRL8xurgUBN8Q5N0s8p0544fAQjQMNRbcTa0B7rBMDBc
SLeCO5imfWCKoqMpgsy6vYMEG6KDA0Gh1gXxG8K28Kh8hjtGqEgqiNx2mna/H2ql
PRmP6zjzZN7IKw0KKP/32+IVQtQi0Cdd4Xn+GOdwiK1O5tmLOsbdJ1Fu/7xk9TND
TwIDAQABo4IBRjCCAUIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw
SwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5pZGVudHJ1
c3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTEp7Gkeyxx
+tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEEAYLfEwEB
ATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2VuY3J5cHQu
b3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0LmNvbS9E
U1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFHm0WeZ7tuXkAXOACIjIGlj26Ztu
MA0GCSqGSIb3DQEBCwUAA4IBAQAKcwBslm7/DlLQrt2M51oGrS+o44+/yQoDFVDC
5WxCu2+b9LRPwkSICHXM6webFGJueN7sJ7o5XPWioW5WlHAQU7G75K/QosMrAdSW
9MUgNTP52GE24HGNtLi1qoJFlcDyqSMo59ahy2cI2qBDLKobkx/J3vWraV0T9VuG
WCLKTVXkcGdtwlfFRjlBz4pYg1htmf5X6DYO8A4jqv2Il9DjXA6USbW1FzXSLr9O
he8Y4IWS6wY7bCkjCWDcRQJMEhg76fsO3txE+FiYruq9RUWhiF1myv4Q6W+CyBFC
Dfvp7OOGAN6dEOM4+qR9sdjoSYKEBpsr6GtPAQw4dy753ec5
-----END CERTIFICATE-----
1 Like
20

#1 is working fine for the client that wasn't working

... but it broke for other clients

1 Like