I'm stuck for a few days to solve this issue and ended here.
The problem is, all of my domain with SSL E1 (ISRG Root X2) can't be accessed with PHP curl() from client server (other server), it give 403 error or empty string.
But the client curl() can access my sub domain with SSL R3 (ISRG Root X1), working well and no issues as I know.
It use same server, just different SSL CN, the SSL is generated automatically by webpanel HestiaCP, so I do nothing about it, just let the webpanel do it automatically.
Is there any way to solve it? or how to switch all domain SSL to R3 ?
My domain is:
gimcraft.com (E1, the problem), test.gimcraft.com (R3)
I ran this command:
It produced this output:
My web server is (include version): LAMP with HestiaCp
The operating system my web server runs on is (include version): Ubuntu 18
My hosting provider, if applicable, is: Vultr
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): HestiaCP or VestaCP
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you're using Certbot): 2.6.0
Do you have ISRG Root X1 in your trust store?
You should install it. And X2 for good measure.
sudo apt update
sudo apt upgrade
I already install it with the help of chatgpt, maybe it give me a wrong instructions, any guide ling related to root certificate installation? specially for lets encrypt
Thanks for the link, but IDK how to do with it
Thanks for the reply, Still not solve my issue
sudo apt update
sudo apt upgrade ca-certificates
and don't use chatgpt for this.
You may have to run
dpkg-reconfigure ca-certificates and look through the list to make sure the X2 certificate is checked.
I'm unsure of the cause but out of about 8 systems, I had one where X1 was checked but not X2. And another where literally nothing was checked... that one took quite a while to fix....
update-ca-certificates but it should run automatically when you exit the
Thanks for the reply, strangely, both root x1 and root x2 is exist and checked. but the SSL in php curl() still invalid
These responses indicate that this is not an SSL issue. You need to figure out why your server is denying access or sending no content.
Since you are using Cloudflare, you may want to check the firewall logs in your Cloudflare dashboard. You may also want to visit the
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.