API Certificate issues for me

Fawwal · August 2, 2024, 1:11pm

Hello community, long time no talk, but I hope you’ll help me with this one.

I have a certificate installed, or at least, I thought I did. When finding and running the Raycast Plugin, after setting the details. I’m getting this error, but I don’t understand why it’s giving me this error.

ERROR
Something went wrong
request to https://MY.SERVER.com:8083/api/ failed, reason: unable to verify the first certificate

I have a digicert certificate installed for the my.server.com:8083, My assumption would be that this would be my certificate for all server functions, API or otherwise. I don’t have any issues with the Web GUI, Wordpress Plugin, or a custom API for provisioning.

I can confirm that the IP is whitelisted, and the API key is correct

sahsanu · August 2, 2024, 1:25pm

Hi @Fawwal,

If Digicert uses an Intermediate CA… did you add it to your certificate?

Fawwal · August 2, 2024, 1:30pm

Thanks for the reply Sahsanu, Good to see you again.

I was under the impression that digicerts root and intermediate certs were in everyone’s systems already, same with cloudflare and let’s encrypts chains of trust.

should I be looking on my computer or the server?

sahsanu · August 2, 2024, 1:39pm

Root certificates yes, intermediate ones no.

If you share the domain name I could check it. You can send me a private message if you don’t want to share it publicly.

sahsanu · August 2, 2024, 2:10pm

Anyway, you can check if you are sending the intermediate cert with this command (replace hestia.example.net with your actual domain):

openssl s_client -connect hestia.example.net:8083 -servername hestia.example.net 2>/dev/null </dev/null | sed -n '/Certificate chain/,/---/{//!p}'