Letsencrypt certificate chain in AWS API Gateway custom domain trust store

tiru · June 20, 2022, 4:26pm

My domain is:letsencrypt-mtlsclient1.abhidhya.com

I ran this command: Trying to use this certificate for mTLS set up in API Gateway, but I'm getting warning saying there are 2 invalid certificate in your trust store bundle. Not sure if there is an issue with the chain as I think ISRG Root X is issued by DST Root CA X3, but that certificate seems to have expired.

What would be correct chain for Letsencrypt certificates issued by R3.

rg305 · June 20, 2022, 4:51pm

Hi @tiru, and welcome to the LE community forum

Which ACME client did you use?
Which cert files did you use?

tiru · June 20, 2022, 4:52pm

Thanks for your response.

Used certbot. I tried both chain and full chain.

rg305 · June 20, 2022, 8:07pm

Could you possible add a few details to that?
Brevity here is NOT your friend [it only delays the responses due to lack of understanding].

system · July 20, 2022, 8:07pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.