The DST Root X3 Root certificate used by Let's Encrypt expired today.
The certificate is present in Chef 14 trust store and causes any chef-based connection to Let's Encrypt secured website (e.g. to download apt repository keys and the like) to fail with a certificate validation.
This patch forcibly removes the DST Root CA X3 from chef's trust store after the chef package has been installed.
The
DST Root X3
Root certificate used by Let's Encrypt expired today.The certificate is present in Chef 14 trust store and causes any chef-based connection to Let's Encrypt secured website (e.g. to download apt repository keys and the like) to fail with a certificate validation.
This patch forcibly removes the
DST Root CA X3
from chef's trust store after the chef package has been installed.