Connecting to an API is resulting in an error
OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=error: certificate verify failed (certificate has expired)
Yet the certificate is servicing a number of domains & the browser query returns data that does not raise any alarms.
When querying data on the cert, the following errors are being raised:
openssl s_client -connect site.example.online:443 -cert certname
Error opening client certificate private key file certname
49295:error:02001002:system library:fopen:No such file or directory:/SourceCache/OpenSSL098/OpenSSL098-52.8.4/src/crypto/bio/bss_file.c:356:fopen('certname','r')
49295:error:20074002:BIO routines:FILE_CTRL:system lib:/SourceCache/OpenSSL098/OpenSSL098-52.8.4/src/crypto/bio/bss_file.c:358:
unable to load client certificate private key file
$ openssl s_client -connect site.example.online:443 -certform format
CONNECTED(00000003)
49310:error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol version:/SourceCache/OpenSSL098/OpenSSL098-52.8.4/src/ssl/s23_clnt.c:593:
The certificates were installed with Lets Encrypt.
openssl version returns
OpenSSL 1.1.1f
this mistmatch is probably at the source of the API connection error.
How to make these matters line up properly?
Ubuntu 20.04.3 LTS (GNU/Linux 5.4.0-100-generic x86_64)
