On Tuesday, 5 October 2021 11:45:23 PDT Christophe Thomas wrote: > For the cert chain we are currently using the default LE setting so we > currently provide the X1 Cross signed with expired X3. > > Netherless, the issue is that strangely we need to force caCertificate load > in order to have the connexion accepted.
In the client's system, is the ISRG Root X1 certificate present? Can you check with plain openssl s_client command to see if the problem is OpenSSL? -- Thiago Macieira - thiago.macieira (AT) intel.com Software Architect - Intel DPG Cloud Engineering _______________________________________________ Interest mailing list Interest@qt-project.org https://lists.qt-project.org/listinfo/interest
