Our servers are not able to send intermediate certificate R3 using let's encrypt
-
Our servers are not able to send intermediate certificate R3 using let's encrypt.
We are using Acme Certificates & Certificate Manager in a 2.4.5 pfSense.
Due to the root certificate expiration in 29 of September, we followed the instructions in this post (https://forum.netgate.com/topic/166269/heads-up-dst-root-ca-x3-expiration-september-2021/1) in order to renew the certificate.
Once renewing the certificates through Acme Certificates in pfSense we can see in the Cert. Manager that those certs are being generated but once we try to execute a openssl s_client command (doesn't work with curl either) agains our domains it shows:
Besides once doing a query on ssllabs we can see the following:
We can see that the previous certificate is still sent by the server but the new R3 certificate tells us that need "Extra download".
We believe that our server is not seding the R3 but we can't figure out why.