From: "Paul Smedley" <ecs-isp@2rosenthals.com>
Received: from [192.168.100.201] (HELO mail.2rosenthals.com)
  by 2rosenthals.com (CommuniGate Pro SMTP 5.4.10)
  with ESMTP id 2730035 for ecs-isp@2rosenthals.com; Tue, 09 Jun 2026 04:50:50 -0400
Received: from [192.168.200.201] (port=46888 helo=mail2.2rosenthals.com)
	by mail.2rosenthals.com with esmtp (Exim 4.98.2)
	(envelope-from <paul@smedley.id.au>)
	id 1wWsAS-000000006kU-1ODm
	for ecs-isp@2rosenthals.com;
	Tue, 09 Jun 2026 04:50:44 -0400
Received: from vps.smedley.id.au ([23.238.44.164]:53692)
	by mail2.2rosenthals.com with esmtps  (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.98.2)
	(envelope-from <paul@smedley.id.au>)
	id 1wWsAK-000000006Va-0nTp
	for ecs-isp@2rosenthals.com;
	Tue, 09 Jun 2026 04:50:34 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=smedley.id.au;
	s=default; t=1780995030;
	bh=DNK6ora2O1oMKQLqc5tHrMX87AFBv56wstsgzu9eW7A=;
	h=Date:Subject:To:References:From:In-Reply-To:From;
	b=xrDOTgogDATaaaNK4MaCKBFLUWc6nKFveWzWPaykDnudgKYOIuM3GRclqLpqnf0cX
	 kQL3LcVOHZBuLTywh6EnVIEOzt+5884FBKrcfQCvIQVYGrpoMIQmjmftxAkIo7Pk4Z
	 5ifhiTblX3KaSRgGDbd4ejRIJWHyq3fnK3WOSL8M=
Received: from [192.168.1.1] (smedley.org [45.249.117.21])
	(using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
	 key-exchange x25519 server-signature ECDSA (prime256v1) server-digest SHA256)
	(No client certificate requested)
	by vps.smedley.id.au (Postfix) with ESMTPSA id A77A32005F
	for <ecs-isp@2rosenthals.com>; Tue, 09 Jun 2026 18:20:29 +0930 (ACST)
Message-ID: <8958f0ee-5525-4a14-90b0-ad5a02ea6e50@smedley.id.au>
Date: Tue, 9 Jun 2026 18:20:27 +0930
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Subject: Re: [eCS-ISP] uacme 1.2.4 issue
To: eCS ISP Mailing List <ecs-isp@2rosenthals.com>
References: <list-2730016@2rosenthals.com>
Content-Language: en-AU
In-Reply-To: <list-2730016@2rosenthals.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit

Hi Max,

On 9/6/26 17:36, Massimo S. wrote:
> Hi all,
>
> for a LE certificate renewal if i use uacme 1.2.4 i get this:
>
> uacme: version 1.2.4 starting on Tue, 09 Jun 2026 09:34:39
> ...
> ...
> uacme: fetching directory at 
> https://acme-v02.api.letsencrypt.org/directory
> uacme: curl_get: GET https://acme-v02.api.letsencrypt.org/directory 
> failed: Problem with the SSL CA cert (path? access rights?)
> uacme: curl_get: waiting 5 seconds before retrying
> uacme: curl_get: GET https://acme-v02.api.letsencrypt.org/directory 
> failed: Problem with the SSL CA cert (path? access rights?)
> uacme: curl_get: waiting 5 seconds before retrying
> uacme: curl_get: GET https://acme-v02.api.letsencrypt.org/directory 
> failed: Problem with the SSL CA cert (path? access rights?)
> uacme: curl_get: waiting 5 seconds before retrying
> uacme: acme_get: curl_get failed
> uacme: failed to fetch directory at 
> https://acme-v02.api.letsencrypt.org/directory
>
> while it works if i use uacme 1.0.9
>
> i've seen that i'm using 1.0.9 on all VMs, i forgot about that..
>
> any suggestion?
> any help?
>
My guess would be the ca-certs rpm package is either missing or out of date.

Cheers,

Paul