Certbot SSL: CERTIFICATE VERIFY FAILED with Let's Encrypt on CentOS

Hello, in this article, we will fix this SSL issue. The solution is the same as cURL error 60: Peer’s Certificate issuer is not recognized‘s solution. I write the solution in that article. I’m also sharing the solution here too.

The error looks like:

SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:658)

The Solution

Let’s install the ca-certificates package by using this command:

yum install ca-certificates

We have to enable dynamic CA configuration feature. Let’s do this by this command:

update-ca-trust force-enable

Restart your webserver to check if the error was solved or not.

// Apache
sudo systemctl restart httpd
// Nginx
sudo systemctl restart nginx

If the error not solved yet, then follow these steps:

  • Add your cert.pem file to /etc/pki/ca-trust/source/anchors/.
  • If you don’t have cert.pem file, you can convert cert.crt to cert.pem using OpenSSL: openssl x509 -in cert.crt -inform der -outform pem -out cert.pem.
  • Last update ca-trust using this command: update-ca-trust extract.

Now restart your webserver and check.

Note: You can also upload cert.pem file to any location and can set a Symbolic link like this:

sudo ln -s /etc/ssl/your-cert.pem /etc/pki/ca-trust/source/anchors/your-cert.pem

The article is over. Thanks for reading. ?

Most Related:


Software Engineer | Ethical Hacker & Cybersecurity...

Md Obydullah is a software engineer and full stack developer specialist at Laravel, Django, Vue.js, Node.js, Android, Linux Server, and Ethichal Hacking.