So I'm currently having an issue where my Jenkins server is not able to run pipeline jobs due to what I'm guessing is the Letencrypt root CA expiring.
the error I am getting is stderr: fatal: unable to access ' https://mygitserver.com ': server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none
Now I have tried updating my ca-certificates store and there was 0 changes. I also have tried checking to see my certificate chain:
0 s:CN = https://mygitserver.com
i:C = US, O = Let's Encrypt, CN = R3
1 s:C = US, O = Let's Encrypt, CN = R3
i:C = US, O = Internet Security Research Group, CN = ISRG Root X1
2 s:C = US, O = Internet Security Research Group, CN = ISRG Root X1
i:O = Digital Signature Trust Co., CN = DST Root CA X3
The output looks like they are in the right order unless I am doing anything wrong, if I am correct is the issue most likely that the server is still trusting the old root certificate rather than ISRG Root X1?
I've checked the current certificate and all is fine with no errors.
Any assistance or pointers would be appreciated.