Certbot SSL: CERTIFICATE_VERIFY_FAILED with Let’s Encrypt on CentOS [Solved]

Published on August 24, 2019 48 sec read

Hello, in this article, we will fix this SSL issue. The solution is the same as cURL error 60: Peer’s Certificate issuer is not recognized‘s solution. I write the solution in that article. I’m also sharing the solution here too.

The error looks like:

SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:658)

The Solution

Let’s install the ca-certificates package by using this command:

yum install ca-certificates

We have to enable dynamic CA configuration feature. Let’s do this by this command:

update-ca-trust force-enable

Restart your webserver to check if the error was solved or not.

// Apache
sudo systemctl restart httpd
// Nginx
sudo systemctl restart nginx

If the error not solved yet, then follow these steps:

  • Add your cert.pem file to /etc/pki/ca-trust/source/anchors/.
  • If you don’t have cert.pem file, you can convert cert.crt to cert.pem using OpenSSL: openssl x509 -in cert.crt -inform der -outform pem -out cert.pem.
  • Last update ca-trust using this command: update-ca-trust extract.

Now restart your webserver and check.

Note: You can also upload cert.pem file to any location and can set a Symbolic link like this:

sudo ln -s /etc/ssl/your-cert.pem /etc/pki/ca-trust/source/anchors/your-cert.pem
The article is over. Thanks for reading. 🙂

Most Related:

Monthly Newsletter

One email a month, packed with the latest tutorials, delivered straight to your inbox.
We'll never send any spam or promotional emails.

Hey, I'm Md Obydullah. I build open-source projects and write article on Laravel, Linux server, modern JavaScript and more on web development.