On 7 Oct 2021, at 11:23, Benny Kjær Nielsen wrote:
On 7 Oct 2021, at 19:46, Raza Rizvi wrote:
As a follow-up,
https://docs.certifytheweb.com/docs/kb/kb-202109-letsencrypt/
suggestion of a reboot appears to correct the chained certificate
issue on my home machine.
Ah, good to know. That also means that the software update I did on
my 10.15 machine was likely not really necessary to fix the issue. A
reboot might have been sufficient.
For anyone Googling this issue and then finding this mailing list
thread: Here's a [direct
link](https://docs.certifytheweb.com/docs/kb/kb-202109-letsencrypt/#macos-ios-etc)
to the section on how to resolve it on macOS.
Hi Benny,
I went to that link, downloaded the ISRG Root X1 cert and added it and
changed the trust setting. Rebooted my Mac but the old expired DST Root
CA X3 cert was still in the System Roots certificates (along with a
bunch of other even older expired certs). Keychain Access wouldn't let
me get rid of it/them.
I had to resort to
sudo security delete-certificate -c "DST Root CA X3"
/System/Library/Keychains/SystemRootCertificates.keychain
which got rid of it (and I used it to remove all the other expired
certs), but after restarting MailMate I am still getting the "SSL
certificate problem: certificate has expired" error from the Software
Update check.
Not sure why. Maybe I need to do yet another reboot?
- Greg
_______________________________________________
mailmate mailing list
[email protected]
https://lists.freron.com/listinfo/mailmate
