Gpg4win LetsEncrypt issue
andrewg at andrewg.com
Thu Dec 30 21:53:09 CET 2021
> On 30 Dec 2021, at 16:27, Alex Nadtoka <alex.nadtoka at gmail.com> wrote:
> Even if I remove root certificate from the server it will be added again on renewal.
It is the client that needs the ca certificate to be removed, not the server. The root cause is that there is more than one verification path possible and unpatched openssl versions pick the wrong (expired) option.
More information about the Gnupg-users