Posts by RobertPaulsen

Thanks guys,
it turned out that one of the add-in updates must have somehow altered config so my time server was not set. The RPi deemed itself in march 2017 at which time the certificate Sky Ticket is using as of June is not yet valid.
Added time server, waited for sync et voilá , things worked again. When reading through chewitt's comments I *FP* , as he's right, I don't need the intermediate, just the root CA which indeed IS in the bundle. So all is good regarding certs. I'd rather not allow to add certs to the bundle but handle additional trust in the code which requires it (VPN bundles, etc).

Thank you for the prompt responses and good leads, happy to see that not only the software is great to use but the forum is as well. Thumbs up. !

Hey,
I have successfully been using SkyTicket add-on until some days ago. The addOn won't connect any more and debug logging tells me, it fails to verify the certificate of
navigation.xml
That URL uses a certificate from June 8th 2017 which was signed by Symantec Class 3 Secure Server CA which in turn was signed by Verisign Class 3 Public (G5).

I am not exactly sure which recent update triggered this but I suspect

Looking at /etc/ssl/cert.pem I can find the Verisign one but the Symantec one is missing this breaking the validation path.
I would like to add the Symantect one but I haven't found any instructions on how to...

Ideas and referrals are welcome, thx.

info: Rapberry 2 - model B (Revision a01041) , LibreElec 8.0.2