We are facing an issue related to ssl on our test devices. Same thing is working perfectly on my local machine.
Please help me out, how I can resolve this issue without update anything in the device.
Command: curl https://test-domain.com
Output:
More details here: https://curl.haxx.se/docs/sslcerts.html
curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn't adequate, you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.
What operating system are the devices running? Because that domain is using an ECDSA certificate along with the ecdsa chain to the ISRG Root X2. Any device must be modern enough to have that root in its CA certificate store.
If they don't you might change your server to use an RSA certificate or an account that is not on the ECDSA allow list
The device I am testing is not supporting ECDSA based certificates. Do you have any idea how to install rsa based certificates using certbot in the server?