• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Our servers are not able to send intermediate certificate R3 using let's encrypt

Scheduled Pinned Locked Moved ACME
1 Posts 1 Posters 509 Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • H
    HYDS DevOps
    last edited by Oct 4, 2021, 3:15 PM

    Our servers are not able to send intermediate certificate R3 using let's encrypt.

    We are using Acme Certificates & Certificate Manager in a 2.4.5 pfSense.

    Due to the root certificate expiration in 29 of September, we followed the instructions in this post (https://forum.netgate.com/topic/166269/heads-up-dst-root-ca-x3-expiration-september-2021/1) in order to renew the certificate.

    Once renewing the certificates through Acme Certificates in pfSense we can see in the Cert. Manager that those certs are being generated but once we try to execute a openssl s_client command (doesn't work with curl either) agains our domains it shows:

    capturapfforum2.png

    Besides once doing a query on ssllabs we can see the following:
    capturapfforum.png

    We can see that the previous certificate is still sent by the server but the new R3 certificate tells us that need "Extra download".

    We believe that our server is not seding the R3 but we can't figure out why.

    1 Reply Last reply Reply Quote 0
    1 out of 1
    • First post
      1/1
      Last post
    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
      This community forum collects and processes your personal information.
      consent.not_received