Since this morning ( I suppose for this DST Root CA X3 Expiration (September 2021) - Let's Encrypt ) We are unable to run the rt-cli on CentOS 7.
All packages on yum are up-to-date ( included ca-certificates ). Do you know from where this error comes from?
Probably OpenSSL v 1.0 ?
If you provide an API or have to support IoT devices, you’ll need to make sure of two things: (1) all clients of your API must trust ISRG Root X1 (not just DST Root CA X3), and (2) if clients of your API are using OpenSSL, they must use version 1.1.0 or later
I doubt that because tools like curl are working.
For now the workaround I found to use the cli is by exporting:
PERL_LWP_SSL_VERIFY_HOSTNAME=“0”
here our host was still a Debian 8, and there was no way to have it work with the new certificates.
I had to upgrade Debian to at least version 10 and now cetificates were ok.