I’m getting this error, when try to authorize an external app to work with my WordPress page.
Error: SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
I’m getting this error, when try to authorize an external app to work with my WordPress page.
Error: SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Typically that’s because not all 3 certs were uploaded in the correct place. Test things with https://www.ssllabs.com/ssltest/ should give you some clues ( or tell us the domain name )
Perhaps this is the reason?
DST Root CA X3 Self-signed
Fingerprint SHA1: dac9024f54d8f6df94935fb1732638ca6ad77c13
Pin SHA256: Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys=
RSA 2048 bits (e 65537) / SHA1withRSA
Weak or insecure signature, but no impact on root certificate
Perhaps. Without knowing all the other details I don’t know.
Root CA is never required on the chain for the server.
Because either client know and trust them or it makes no benefit.
Use fullchain.pem instead of cert.pem
I am on the same page. “Chain issues: None” Rating A.
Sorry, caching issue
Well, without knowing what this “”“an external app”"" is, we can’t say anything about it, now can we
Although the IdenTrust DST Root CA X3
certificate is quite accepted generally, there are some instances not recognising it as a trusted CA root certificate. Blackberry for instance I believe, among others.
It’s under API Authentication Endpoint: “Our authentication endpoint allows easy integration between WooCommerce and Apps…” like here: https://woocommerce.wordpress.com/2015/08/07/api-settings-and-the-api-authentication-endpoint-in-2-4/
I will try to contact my hosting provider.
“Some web servers have outdated root CA certificates and will cause this curl error: “SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed’”. The fix is to contact your hosting provider or server administrator and request a root CA cert update.”
Whichone is the CA cert (as a PEM file) exactly?
I’m also looking for the typical ca certificate to deploy certificates in Zimbra. I get an error pointing to invalid provider:
~$ /opt/zimbra/bin/zmcertmgr deploycrt comm /tmp/commercial.crt /tmp/ca_chain.crt
** Verifying /tmp/commercial.crt against /opt/zimbra/ssl/zimbra/commercial/commercial.key
Certificate (/tmp/commercial.crt) and private key (/opt/zimbra/ssl/zimbra/commercial/commercial.key) match.
XXXXX ERROR: Invalid Certificate: /tmp/commercial.crt: C = US, O = Let’s Encrypt, CN = Let’s Encrypt Authority X1
error 2 at 1 depth lookup:unable to get issuer certificate
XXXXX ERROR: provided cert isn’t valid.
/tmp/ca_chain.crt is fullchain.pem
/tmp/commercial.crt is cert.pem
/opt/zimbra/ssl/zimbra/commercial/commercial.key is privkey.pem
I just wanted to try adding ca cert to the full chain.
You may need to include the root CA. You can find the root certificates at https://letsencrypt.org/certificates/. For right now, you’ll want the root linked under the “Cross Signing” section, not the one at the very top.