Change SSL Cert for api.wp-worthy.de to Support OpenSSL 1.0.2
-
For Systems like Centos 7, Unbunto 16.04, RHEL 7 its not possible to use the api.wp-worthy.de because of a chain break in Let’s Enrypt and OpenSSL 1.0.2.
For TLS certificates issued by Let’s Encrypt, the root certificate (DST Root CA X3) in the default chain expires on September 30, 2021. Due to their unique approach, the expired certificate will continue to be part of the certificate chain till 2024. This affects OpenSSL 1.0.2k on RHEL/CentOS 7 servers, and will result in applications/tools failing to establish TLS/HTTPS connections with a certificate has expired message. Source: https://blog.devgenius.io/rhel-centos-7-fix-for-lets-encrypt-change-8af2de587fe4
On Systems with OpenSSL 1.0.2 the SSL Cert Chain breaks. For systems like CentOs 7 there are no options to use OpenSSL 1.1.x.
So if you change the SSL Cert from Let’s Enrcypt to another Public one, the older system like Centos 7, Unbunto 16.04, RHEL 7 will work without Problems.
- The topic ‘Change SSL Cert for api.wp-worthy.de to Support OpenSSL 1.0.2’ is closed to new replies.