I have been getting the following error while making request to the server using HTTP Library ever since I switched to letsencrypt SSL Certificate:
Error: certificate has expired
at TLSSocket.onConnectSecure (_tls_wrap.js:1046:34)
at TLSSocket.emit (events.js:180:13)
at TLSSocket._finishInit (_tls_wrap.js:633:8)
Emitted 'error' event at:
at TLSSocket.socketErrorListener (_http_client.js:395:9)
at TLSSocket.emit (events.js:180:13)
at emitErrorNT (internal/streams/destroy.js:64:8)
at process._tickCallback (internal/process/next_tick.js:178:19)
My certificate are not due for renewal but I still get the above Error whenever I try to do a post on my server. I tried to fix the chain following the instructions in the Link, but all my efforts went in vain.
I even tried to manually remove the cross-signed ISRG Root X1 from the chain and ended up with "SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch" while trying to restart NGINX server.
As a temporary solution, I've fixed this (temporarily) by adding
rejectUnauthorized: false
to the option which is not recommended.
Any permanent solution or Help would be appreciated.
DETAILS FOR REFERENCE:
Certificate Generation Detail:
Used Certbot Standalone Mode to Retrieve Certificates.
Web server:
NGINX 1.7.0
Nodejs 9.11.1
Certbot Version:
2.1.0
Certificate Chain:
CONNECTED(00000003)
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R3
verify return:1
depth=0 CN = <mydomain.com>
verify return:1
---
Certificate chain
0 s:/CN=<mydomain.com>
i:/C=US/O=Let's Encrypt/CN=R3
1 s:/C=US/O=Let's Encrypt/CN=R3
i:/C=US/O=Internet Security Research Group/CN=ISRG Root X1
2 s:/C=US/O=Internet Security Research Group/CN=ISRG Root X1
i:/O=Digital Signature Trust Co./CN=DST Root CA X3
---
