Certbot SSL: CERTIFICATE VERIFY FAILED with Let's Encrypt on CentOS

Published on Aug 24, 2019

Hello, in this article, we will fix this SSL issue. The solution is the same as cURL error 60: Peer’s Certificate issuer is not recognized‘s solution. I write the solution in that article. I’m also sharing the solution here too.

The error looks like:

SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:658)

The Solution

Let’s install the ca-certificates package by using this command:

yum install ca-certificates

We have to enable dynamic CA configuration feature. Let’s do this by this command:

update-ca-trust force-enable

Restart your webserver to check if the error was solved or not.

// Apache
sudo systemctl restart httpd
// Nginx
sudo systemctl restart nginx

If the error not solved yet, then follow these steps:

  • Add your cert.pem file to /etc/pki/ca-trust/source/anchors/.
  • If you don’t have cert.pem file, you can convert cert.crt to cert.pem using OpenSSL: openssl x509 -in cert.crt -inform der -outform pem -out cert.pem.
  • Last update ca-trust using this command: update-ca-trust extract.

Now restart your webserver and check.

Note: You can also upload cert.pem file to any location and can set a Symbolic link like this:

sudo ln -s /etc/ssl/your-cert.pem /etc/pki/ca-trust/source/anchors/your-cert.pem
The article is over. Thanks for reading. ?

Most Related:

Comments (0)