Skip to Content.
Sympa Menu

overpass - Re: [overpass] with letsencyrpt certificates

Subject: Overpass API developpement

List archive

Re: [overpass] with letsencyrpt certificates

Chronological Thread 
  • From: mmd <>
  • To:
  • Subject: Re: [overpass] with letsencyrpt certificates
  • Date: Sat, 19 Mar 2016 12:29:46 +0100

Hi Roland,

Am 19.03.2016 um 12:04 schrieb Roland Olbricht:
> Dear all,
> the public server got a new certificate. I've changed
> the provider from StartSSL to Let's Encrypt. Please feel free to report
> any new problems with refused connections or certificates.

> On Ubuntu 14.04 the root CA of letsencrypt isn't trusted everywhere. If
> you do a
> wget
> you may get a message that the connection was refused. The fix is:
> - download the two Letsencrypt root certificates (the base and the X1
> one) [no link on purpose - it is much harder to trick a search engine
> than to add a rogue link to an email].
> - rename them to end in *.crt and copy them to
> /usr/share/ca-certificates/extra/
> - run "sudo dpkg-reconfigure ca-certificates"
> - select the two new certificates in addition to the existing ones

according to this Github issue, you don't have to import the root CA of
let's encrypt to get wget and friends working:

I tried "wget"; as mentioned in that
ticket, and it works out of the box, without importing any root CA
first. On the other hand I get a certificate error when trying the same
with "";.

Someone suggested the following in the ticket:

"I used fullchain.pem instead of cert.pem and curl and wget started

Could you please take a look again?



Archive powered by MHonArc 2.6.18.

Top of Page