Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:
sandbox.torawallet.gr
I ran this command:
openssl s_client -connect api.sandbox.torawallet.gr:443 -servern ame api.sandbox.torawallet.gr
It produced this output:
CONNECTED(00000003)
depth=0 CN = sandbox.torawallet.gr
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 CN = sandbox.torawallet.gr
verify error:num=21:unable to verify the first certificate
verify return:1
Certificate chain
0 s:CN = sandbox.torawallet.gr
i:C = US, O = Let's Encrypt, CN = R3
Server certificate
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISBGUZ7xAonRlcDg/s7hOhtiIBMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMDEyMTcwOTQ4MTdaFw0yMTAzMTcwOTQ4MTdaMCAxHjAcBgNVBAMT
FXNhbmRib3gudG9yYXdhbGxldC5ncjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
AQoCggEBANT4upFshOMoIpLMQKHnhXsX5lykD5B5Skb5RspJUFwL3Tj1ULskWX8G
GrQ+g2lQg0uvUfKspHt21jh0D017Nh1w3R0qfIQ6fz5H5+1nwcbL4kY5JNu0GotB
/4n357EFSZOLsVU9Bath+kIHKGbPNTj0AMZb+E5cAesjkuW5gYk1npcbHwr06Xej
tWTZd/5EwjuA9xgmdqH1UwBH/wFI1df8EqTKe3dOef9C3IyFOXr8hwN/IGzP198M
+wSSDlUtBckLJu/J+i7489+85yHj+4cAOI+H5EvJJmHhKBgons57tanmFLu/Yhpa
PPLUt/8D1MtwET4xQohTeH6uu5ZdHVUCAwEAAaOCAmowggJmMA4GA1UdDwEB/wQE
AwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIw
ADAdBgNVHQ4EFgQU0fmEsGrlcwj7qEXOJApPOTnKG2swHwYDVR0jBBgwFoAUFC6z
F7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVo
dHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxl
bmNyLm9yZy8wOQYDVR0RBDIwMIIXKi5zYW5kYm94LnRvcmF3YWxsZXQuZ3KCFXNh
bmRib3gudG9yYXdhbGxldC5ncjBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEE
AYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9y
ZzCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB2AESUZS6w7s6vxEAH2Kj+KMDa5oK+
2MsxtT/TM5a1toGoAAABdnBQlBkAAAQDAEcwRQIhAJo7130t4gRlQn2beV6GS19S
+JUvXqTT3TGLJ+rLd5xTAiBe+i4YWlQ17vxuG/hqnaYEe8mgOR5GP5alNAyosuR6
swB3APZclC/RdzAiFFQYCDCUVo7jTRMZM7/fDC8gC8xO8WTjAAABdnBQlAsAAAQD
AEgwRgIhAOhBwp5gPe3ZWzhh7V2er5MjiQFIlYKXRhr+fGj1NAn/AiEAwUx07TYA
aOAqk1fuFbdR2+QvQr+bUXdUTkp7HituU6YwDQYJKoZIhvcNAQELBQADggEBAFi4
lejtlwAjJ5nExpExOAb2YDZkEyxrxIcqrkasiPfmJIXPaMMXXWvMq51OPlQA2s07
FhKMJq+P2/RLaA8BPdqyHD39mtNpTfI43dAj2SSMAmPrgv8BTL8X9d2Fl/QNgdcv
OPNCHuYqvSnFm52djXCjFnPFhtTNWyKYnzl9Dvwv0DMztn0wMu4xxLb+WWwEgS94
MROuSl/swSH9nCASPA1IplshoL5Wi3pPl4/CsTxEF3az9BsFj/RAo4PbxYdpm24J
dAgnok8mLhskVHSEWnrQtF+czR9sWjJov4H/70QBrYHJwkFO2wJUzlUcGSFWbQRg
v1vcRNUJ7RaUKeDOOqU=
-----END CERTIFICATE-----
subject=CN = sandbox.torawallet.gr
issuer=C = US, O = Let's Encrypt, CN = R3
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: X25519, 253 bits
SSL handshake has read 1918 bytes and written 403 bytes
Verification error: unable to verify the first certificate
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 21 (unable to verify the first certificate)
closed
My web server is (include version):
nginx/1.10.3
The operating system my web server runs on is (include version):
Distributor ID: Debian
Description: Debian GNU/Linux 9.1 (stretch)
Release: 9.1
Codename: stretch
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
yes
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot):
v2.8.7