Let's encrypt certificate can not be validated with SeaDrive / SeaFile

I’m using a Let’ encrypt certificate on my server and every other service works fine so far. There are a lot of services and visitors across all plattforms and browser.
So: The certificate is definetly valid.

seadrive.log tells me that “Peer certificate cannot be authenticated with given CA certificates.”. I just quickly checked the source code and root CA for curl are loaded by using a ca-bunde.pem located in your user folder seadrive/data/ca-bundle.pem.

In this PEM I can not find the root CA from Let’s Encrypt called ISRG Root X1 nor the intermediate certificate Let’s Encrypt R3. Simply searched for them in the file by using the first few character of the PEM string. If I add the root CA manually to ca-bundle.pem everything works fine. The root CA is definetly missing in the ca-bundle.pem.

  1. Why is this missing?
  2. How come I can not find any info about that when there are even tutorials and a docker image which has built-in let’s encrypt feature?

Error prob. related to Let’s Encrypt DST Root CA X3 Expiration (September 2021)

Upgrading to the latest Seafile-Client (8.0.4) fixed the problem for me…

1 Like