Users of the API are reporting certificate problems. There may be an issue with an old root certificate of the certificate supplier Let’s Encrypt that expired today:
Our technical dept is now checking the issue. We’ll post updates here.
Any ETA on it? We are facing issues at our application and receiving following error.
OpenSSL::SSL::SSLError (SSL_connect returned=1 errno=0 state=error: certificate verify failed (certificate has expired))
We’ve updated the chain of certificates being served. Here’s the current:
Certificate chain
0 s:/CN=api.routexl.com
i:/C=US/O=Let's Encrypt/CN=R3
1 s:/C=US/O=Let's Encrypt/CN=R3
i:/C=US/O=Internet Security Research Group/CN=ISRG Root X1
2 s:/C=US/O=Internet Security Research Group/CN=ISRG Root X1
i:/O=Digital Signature Trust Co./CN=DST Root CA X3
That should fix the problem. If it still does not work for you, you seem to have two options:
- The safe way from the link above: trust ISRG Root X1 and upgrade OpenSSL to version 1.1.0 or later
- Unsafe but fast: disable CURLOPT_SSL_VERIFYPEER in your code