quinn-rs / quinn

Async-friendly QUIC implementation in Rust
Apache License 2.0

Guide book says to use cert.pem when using certbot certificates, which causes the error: "invalid peer certificate: UnknownIssuer" #1573

Closed DontBreakAlex closed 1 year ago

DontBreakAlex commented 1 year ago

Hi!

I just spent two hours diagnosing why endpoint.connect(...) was returning TransportError(Error { code: Code::crypto(30), frame: None, reason: "invalid peer certificate: UnknownIssuer" }).

It turns out I had written:

let mut cert_chain_reader = BufReader::new(File::open("/etc/letsencrypt/live/pepito.mom/cert.pem")?);

When I needed:

let mut cert_chain_reader = BufReader::new(File::open("/etc/letsencrypt/live/pepito.mom/fullchain.pem")?);

The guide book says:

certbot asks for the required data and writes the certificate to cert.pem and the private key to privkey.pem. These files can then be referenced in code.

Am I doing something wrong or should the guide book be updated?

Thanks!

djc commented 1 year ago

Sorry about that! The book is wrong, would you be able to send a PR?

DontBreakAlex commented 1 year ago

Will do!
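
A pre-flight check for the mistake discussed in this thread, as an added example that is not part of the thread or of quinn's code: it counts the CERTIFICATE blocks in a PEM file before the file is handed to the server configuration, so a leaf-only cert.pem is caught at startup instead of surfacing as UnknownIssuer on the client. The names `ChainCheck`, `check_chain_pem` and `SAMPLE_CERT` are hypothetical, and the sample PEM bodies are constructed placeholders, not real certificates.

```rust
/// Result of inspecting PEM text that is about to be used as a server certificate chain.
#[derive(Debug, PartialEq)]
pub enum ChainCheck {
    /// Leaf plus `intermediates` further certificates (the layout of certbot's fullchain.pem).
    Chain { intermediates: usize },
    /// Exactly one certificate (the layout of certbot's cert.pem): the issuer is not sent.
    LeafOnly,
    /// No CERTIFICATE block at all, e.g. privkey.pem was passed by mistake.
    NoCertificate,
    /// A BEGIN CERTIFICATE line without its matching END line.
    Truncated,
}

/// Count CERTIFICATE blocks in PEM text; blocks with any other label are ignored.
pub fn check_chain_pem(pem: &str) -> ChainCheck {
    const BEGIN: &str = "-----BEGIN CERTIFICATE-----";
    const END: &str = "-----END CERTIFICATE-----";
    let (mut certs, mut open) = (0usize, false);
    for line in pem.lines().map(str::trim) {
        match line {
            BEGIN if open => return ChainCheck::Truncated, // nested BEGIN: previous block never closed
            BEGIN => open = true,
            END if open => {
                open = false;
                certs += 1;
            }
            _ => {} // base64 body, other labels, blank lines
        }
    }
    match (open, certs) {
        (true, _) => ChainCheck::Truncated,
        (_, 0) => ChainCheck::NoCertificate,
        (_, 1) => ChainCheck::LeafOnly,
        (_, n) => ChainCheck::Chain { intermediates: n - 1 },
    }
}

/// Constructed placeholder block; the body is not a real certificate and is never decoded.
pub const SAMPLE_CERT: &str = "-----BEGIN CERTIFICATE-----\nAAAA\n-----END CERTIFICATE-----\n";

fn main() {
    // Constructed stand-ins for certbot's cert.pem (one block) and fullchain.pem (two blocks).
    let samples = [("cert.pem", SAMPLE_CERT.to_string()), ("fullchain.pem", SAMPLE_CERT.repeat(2))];
    for (name, pem) in samples {
        println!("{}: {:?}", name, check_chain_pem(&pem));
    }
}
```

The check only looks at the file layout; it does not validate signatures or that the blocks actually chain to each other.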