I believe I figured it out:
-
Download the ISRG X1 root cert in PEM format from Chains of Trust - Let's Encrypt
-
Call
openssl x509 -in ~/Downloads/isrgrootx1.pem -subject_hash_old | head -1to get a 8 character hash value -
Rename the downloaded file
mv -i ~/Downloads/isrgrootx1.pem /tmp/<hash>.0 -
Install the renamed file on the device under
/opt/alien/system/etc/security/cacerts/(devel-suneeded)
I made only one quick test because it’s getting late here. But it seemed to work.