Trouble with Let's Encrypt cross-signed certificate?


I’ve been using a third-party library (pyTwitchAPI) for subscribing to events for a few months. But last week my app stopped working out of the blue, with no code change on my part.

I checked with several library users but everything is fine with them. I’ve yet to do more thorough debugging but I strongly suspect this has something to do with my X.509 certificate, which is issued by Let’s Encrypt.

More precisely my cert is issued by ‘Let’s Encrypt R3’, which was cross-signed by both a valid root (ISRG Root X1) and another root (IdenTrust) which expired on September 30th. Which is exactly the day my app stopped working.

It’s related to some issues e.g. a plain wget on my server from my Debian 10 fails with a ‘certificate has expired’ error, even though I’m actually presenting the new, valid root.

Could it be that Twitch stopped trusting the R3 certificate altogether because of the cross-signature?

See this post

Which describes a solution

Thanks for the quick reply, I’ll validate the answer once I’ll get to check.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.