My company’s Ezlo boxes ceased being able to send messages to our server coincident with the expiry of Let’s Encrypt’s old Root Cert.
My impression is that this is due to the Ezlo running an old version of openssl: libopenssl1.0.2p - 1.0.2p-1
My Exlo’s os is eZLO OpenWrt 1.0.102. This appears to be a version from 2019.
This statement from openssl.org appears clear and authoritative. Old Let’s Encrypt Root Certificate Expiration and OpenSSL 1.0.2 - OpenSSL Blog
Can Ezlo provide a system software update to correct this problem?
Decoding the /etc/ssl/cert.pem I see the DST Root CA X3 is present as is the ISRG Root X1 but not the ISRG Root X2.
Also, purely as an example of the problem:
[command prompt[ curl -fsSL https://rpm.nodesource.com/setup_12.x
curl: (60) SSL certificate problem: certificate has expired
More details here: https://curl.haxx.se/docs/sslcerts.html
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.