My domain is: gallery.vote
I ran this command: sudo certbot --preferred-chain "ISRG Root X1"
It produced this output: all good
My web server is (include version):
twistd (the Twisted daemon) 18.9.0
The operating system my web server runs on is (include version):
Linux 5.4.0-91-generic #102-Ubuntu SMP Fri Nov 5 16:31:28 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you're using Certbot):
So here's the issue, the cert works on some browsers / machines and not others.
When I try to reach it with python thru the requests module.
SSLError: HTTPSConnectionPool(host='gallery.vote', port=443): Max retries exceeded with url: /haiku/0 (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1123)')))
When I try to connect with openssl
$ openssl s_client -connect gallery.vote:443
depth=0 CN = gallery.vote
verify error:num=20:unable to get local issuer certificate
I have had this issue for months, and we've updated the cert many times, using different claimed solutions online. Please advise.