Let's Encrypt root certificate on SailfishOS 4.x

Today I was not able to connect from my XA2 with SFOS 4.1 to my TT-RSS server, which uses a Let’s Encrypt SSL certificate.

Checking with my workstation browser all looked ok, so as I remember that this week the old root cert was expiring today (see DST Root CA X3 Expiration (September 2021) - Let's Encrypt ) I added the new ‘ISRG Root X1’ root cert, by copying it to /etc/pki/ca-trust/source and running update-ca-trust. And the issue got solved.

I assume that SailfishOS (at least 4.1, I haven’t updated yet to 4.2) has only ‘DST Root CA X3’ ?

If somebody confirms I can open a proper bug report for the sailors.

Works for me without issues on 4.2 as well as 4.1.
You may want to check your server’s certificate chain…

1 Like

I can connect from 4.1 to letsencrypt supplied sites (netzpolitik.org, for instance). I think it’s not the client side certs.