Knowledgebase

Ubuntu SSL routines:tls_process_server_certificate:certificate verify failed

The error message you're seeing, SSL routines:tls_process_server_certificate:certificate verify failed, indicates that there is an issue with the SSL certificate verification process during an SSL/TLS handshake.

Here are steps you can take to address this issue:

  1. Check System Date and Time:

    Ensure that the system date and time on your server are set correctly. If they are incorrect, SSL/TLS certificates may fail to verify.

  2. Update Certificate Authorities (CA):

    The SSL library may not have up-to-date root certificates. Update the CA certificates:

    For Ubuntu, you can do this using the following command:

    bash

 

  • sudo apt-get install ca-certificates

  • Verify Certificate Chain:

    Use an SSL checker tool (such as openssl s_client) to verify the SSL certificate chain. This can help identify if there are any issues with the certificate chain.

    For example:

    bash

 

  1. openssl s_client -connect example.com:443

    Replace example.com with the actual domain you're trying to connect to.

  2. Check for Proxy or Firewall Issues:

    If your server is behind a proxy or firewall, ensure that it allows outgoing connections on port 443 (HTTPS).

  3. Verify Certificate on the Server:

    Make sure that the SSL certificate installed on the server is valid and properly configured. Check for any expiration or misconfiguration issues.

  4. Use the Correct Domain:

    Ensure that you are using the correct domain in your request. The domain name must match the one on the SSL certificate.

  5. Disable Certificate Verification (Not Recommended):

    While not recommended for production use, you can temporarily disable SSL certificate verification to test if it resolves the issue. However, this can expose your system to security risks.

    In Python, you can use the verify=False argument in the requests library.

  6. Contact Website Owner or Certificate Authority:

    If you are connecting to a third-party website or service, contact the website owner or the certificate authority to ensure that their SSL certificate is valid and properly configured.

  7. Check for SSL/TLS Version Compatibility:

    Ensure that the SSL/TLS version used by your client is compatible with the server. Some servers may require specific versions of SSL/TLS.

  8. Update OpenSSL:

    Ensure that OpenSSL is up-to-date on your system. Outdated versions may have known issues with SSL certificate validation.

  9. Verify DNS Resolution:

    Ensure that your server can resolve the DNS of the target server correctly.

Remember to proceed with caution, especially if you're considering disabling certificate verification. It's important to reinstate proper certificate validation once the issue is identified and resolved.

 
  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

How to install Cloudlinux on Ubuntu

CloudLinux is an operating system that is specifically optimized for shared hosting providers. It is based on the CentOS operating system, which is itself a derivative of Red Hat Enterprise Linux...

Wizard broken: TypeError: 'NoneType' object is not iterable

It seems like you're encountering a TypeError in your code, specifically, 'NoneType' object is not iterable. This error typically occurs when you're trying to perform an operation (like...

How to upgrade CloudLinux from Shared to Shared Pro?

CloudLinux offers various hosting solutions, including CloudLinux Shared and Shared Pro. If the process hasn't changed significantly since then, here's a general guide to upgrading from CloudLinux...

You have third-party kernel module(s) rpm installed

I don't have the capability to install or manage software on a system, including third-party kernel modules or RPM packages. My function is to provide information and answer questions to the best...

Recommended CloudLinux & control panel conversion order

When converting from regular CloudLinux to CloudLinux with a control panel, there are several steps you should follow to ensure a smooth transition. Here is a recommended conversion order:...