Jump to content
  • 0

SSL Problems

Moritz Bastian


  • Answers 12
  • Created
  • Last Reply

Top Posters For This Question

12 answers to this question

Recommended Posts

  • 0

Hello Moritz,

I think there were some issues recently with Lets encrypt ssl certifications.
Can you please generate a new one and enable SSL according to https://github.com/ant-media/Ant-Media-Server/wiki/SSL-Setup
For self signed certificates you can refer https://github.com/ant-media/Ant-Media-Server/wiki/Frequently-Asked-Questions#how-to-use-self-signed-certificate-on-ant-media-server

Best Regards,
Mohit Dubey


Link to comment
Share on other sites

  • 0
Hi everyone, 

Let me explain this.

Let's Encrypt was using "DST ROOT CA X3" for certificates and it has been expired on 30 of September 2021. Because of this, since there are not any new CAs in the clients, certificate errors occurred, and Let's Encrypt now uses "ISGR ROOT X1" and "ISRG ROOT X2" as new Root CAs.

To solve the certificate errors, you should import the following certificates (ISGR ROOT X1, ISRG ROOT X2, ) to your computers or other devices.

You may also get a certificate error because the ones in the list below use "DST ROOT CA X3".

Windows >= XP SP3 (assuming Automatic Root Certificate Update isn’t manually disabled)
macOS >= 10.12.1
iOS >= 10 (iOS 9 does not include it)
iPhone 5 and above can upgrade to iOS 10 and can thus trust ISRG Root X1
Android >= 7.1.1 (but Android >= 2.3.6 will work by default due to our special cross-sign)
Mozilla Firefox >= 50.0
Ubuntu >= xenial / 16.04 (with updates applied)
Debian >= jessie / 8 (with updates applied)
Java 8 >= 8u141
Java 7 >= 7u151
NSS >= 3.26

I hope it's clear now.

Link to comment
Share on other sites

  • 0
I am very confused as to why you think asking end users to perform a complicated task on their system is a better solution than swapping out the SSL certificate? Even brand new Macbook Pros with updated software have this issue. 

We purchased a wildcard from Setigo and it works great and now all errors are gone. This problem was a nightmare for us last week and cost us a lot of money. I wouldn't recommend anyone stay with Letsencrypt cert. Just my opinion. 



Joe Brundige 
uc?export=download&id=1US9-qeox95jaOftD-rB8BNXKTPvBlFYs&revid=0BxA6OT8_hRlxN21rSkNWKzU3Yk02dXdmRVZ4NS84eGJFc3g4PQ 310.889.8288
uc?export=download&id=1sFwoiXtYa5xnCqOy4PKcaQqkcLJyEU4L&revid=0BxA6OT8_hRlxMVZpWnIvUUM3V2NWSG15RUxoWnZQZ0ZrTFFrPQ 424.444.0555

Link to comment
Share on other sites


  • Create New...