Open wwadepohl opened 2 years ago
Yes, I'm having a problem with opening feeds coming from certain sites which coincidentally have their SSL certificate signed by the new Let's Encrypt root certificate ISRG Root X1. This is how it looks like:
When I have the feed's article opened in the Vivaldi browser, there's no problem and Vivaldi confirms in its address bar the connection is secure and the certificate is valid. That's because Vivaldi uses the system certificate store and in certmgr.msc I can see the ISRG Root X1 certificate is present among the trusted root certificates.
So it looks like QuiteRSS doesn't utilize the system certificate store and neither provides the ISRG Root X1 on its own. Unfortunatelly I couldn't find where I could manage QuiteRSS's root certificates to work around the issue and manually insert the ISRG Root X1 certificate there until QuiteRSS is officially fixed.
Update: Workaround in another issue thread.
Same problem here! For completeness' sake, here's the LetsEncrypt post on why this is happening now specifically: https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/ The workaround in the other thread you mentioned works for me.
QuiteRSS has no actual ISRG Root X1 to verify let's encrypt certificates