2 Tier Enterprise CA certificates

[stohara]

I setup a local 2 tier PKI on my home network and would like to have Overseerr use https over http when connecting to Sonarr or Radarr.

When I start by clicking on use SSL and put in the information for Radarr, I got back
[Radarr] Failed to retrieve profiles: unable to verify the first certificate

I was using this arguments for Openssl to create the .p12 file, without the full chain

• openssl pkcs12 -export -in radarr.cer -inkey radarr.key -out radarr.p12 -name radarr.cgy.local root -password pass:password

I put the fullchain with the Root CA and intermediate for the .p12 SSL and use these switches for Openssl to create the P12 file

• openssl pkcs12 -export -in radarr.cer -inkey radarr.key -out radarr.p12 -name radarr.cgy.local -CAfile Root_plus_Intermediate.cer -caname root -password pass:password

The error I am getting now from Overseerr is
[Radarr] Failed to retrieve profiles: unable to get local issuer certificate

When I used openssl from the terminal window, I can get the same error messages from Openssl when I got the first error message "unable to verify the first certificate". For the second error message, I cannot, I obtain the message "Verify return code: 0 (ok)". I have my Root and intermediate certificate imported into the Debian Linxu OS.

• I did the process of "sudo update-ca-certificates"

It is like Overseerr is using Openssl but not pointing to the OS certificate.crt file or something.
example: openssl s_client -CAfile /etc/ssl/certs/ca-certificates.crt -connect radarr.cgy.local:9898

What do you think? Am I missing something?

OS: Debian 12 Linux

[tuyennn]

Same problem while using docker, all of the others app can connect to radarr but overseerr had problem with this.

[mikelock]

I also have this issue when using Lets Encrypt certificates. It used to work properly, not sure when it became 'broken' as I haven't requested series or movies in a while