This is exactly what happened to us.

-----Original Message-----
From: MIDRANGE-L <midrange-l-bounces@xxxxxxxxxxxxxxxxxx> On Behalf Of Pete Helgren
Sent: Monday, September 29, 2025 12:26 PM
To: midrange-l@xxxxxxxxxxxxxxxxxx
Subject: Re: [EXTERNAL] SSL/TLS issue with FTP

FWIW, I just went through this myself. I was mystified as to why my
sites weren't connecting. The new cert was using an updated/new
intermediate and the old one, seemed to be the issue. My Letsencrypt
certs are signed by Letsencrypt R12 and R13 which are, in turn, signed
by ISRG Root X1. I don't recall if the intermediates had expired or
that the Letencrypt certificate update required a different
intermediate, but I downloaded and installed the R12 and R13
intermediates , which I never recall having to do before (been using LE
for years).

Selecting the certificate in DCM and then viewing the Certificate
Hierarchy told me everything I needed to know. But it was strange
because, like I said, I never had to download new intermediates before.

Pete Helgren
https://protect.checkpoint.com/v2/r01/___www.petesworkshop.com___.YzJ1OnRvdGFsYml6ZnVsZmlsbG1lbnQxOmM6bzphNzgyZTcwZjJiMjM3ODlmMzZhNWQ0ZTgzODFhYjE2Mzo3OjRiM2U6MTBjNGM1ODNlN2QyMzRhN2M2ZWFiYzRjMzcyZDQyNmFmMzc2MTYzYjY5ZDhiOGE2ZWM5ZGQyZWEwOGJkM2M0NzpwOlQ6Rg
CISSP - MSCM
GIAC Cloud Penetration Tester
AWS Certified Cloud Practitioner
Microsoft Certified: Azure Fundamentals

On 9/29/2025 10:16 AM, Greg Wilburn wrote:
We had to manually download and add the intermediate certificate.

This is crazy... these certificates expire every 90 days. Surely they should renew.

-----Original Message-----
From: MIDRANGE-L <midrange-l-bounces@xxxxxxxxxxxxxxxxxx> On Behalf Of Greg Wilburn
Sent: Monday, September 29, 2025 9:02 AM
To: Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxxxxxxxx>
Subject: [EXTERNAL] SSL/TLS issue with FTP

Our hosted FTP server must have updated the certificate over the weekend. We are not unable to connect using
FTP RMTSYS(myftpserver) SECCNN(*SSL)

The error is
234 AUTH TLS successful
The server's certificate is not signed by a trusted certificate authority.
Do you want to trust the server's certificate temporarily in this session? (y/n)
Secure connection error, return code 6000

Connecting from a PC works just fine. The CA is "Let's Encrypt".

In DCM, I've populated all of the Let's Encrypt CA's along with ISRG Root 1 and 2.

What am I missing?
[Logo]<https://protect.checkpoint.com/v2/r01/___https://www.totalbizfulfillment.com/___.YzJ1OnRvdGFsYml6ZnVsZmlsbG1lbnQxOmM6bzphNzgyZTcwZjJiMjM3ODlmMzZhNWQ0ZTgzODFhYjE2Mzo3OjJkMzE6ZTE5MzIwMDMxZTVmNjIxOGVjMTQ0MDViODEyY2Q2ZjIxYzI2ZDM0N2U4M2Q1OTdjYjc1NGI0OTUxNzdhY2NhZDpwOlQ6VA> Greg Wilburn
Director of IT
301.895.3792 ext. 1231
301.895.3895 direct
gwilburn@xxxxxxxxxxxxxxxxxxxxxxx<mailto:gwilburn@xxxxxxxxxxxxxxxxxxxxxxx>
1 Corporate Dr
Grantsville, MD 21536
https://protect.checkpoint.com/v2/r01/___www.totalbizfulfillment.com___.YzJ1OnRvdGFsYml6ZnVsZmlsbG1lbnQxOmM6bzphNzgyZTcwZjJiMjM3ODlmMzZhNWQ0ZTgzODFhYjE2Mzo3OjEwYmE6MWZkYWZmNzA5MDk3YmJkZDk3YjZmODY3OWIxOTEzYmVkYjdjYzBiYmJlNzhhZGRlZWRhYjljYjc0YjlhZDFjYzpwOlQ6Rg<https://protect.checkpoint.com/v2/r01/___http://www.totalbizfulfillment.com___.YzJ1OnRvdGFsYml6ZnVsZmlsbG1lbnQxOmM6bzphNzgyZTcwZjJiMjM3ODlmMzZhNWQ0ZTgzODFhYjE2Mzo3OmQ5ZWE6NWYwNDFhY2M3NDU5YjA0MmNhNjRhODQxOGFjZTdiOGJlNzhjZjU3MmU2Yjg2OGU1NGRmYjlmMzRiY2Q4NDlkYjpwOlQ6VA>
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://protect.checkpoint.com/v2/r01/___https://lists.midrange.com/rfnqrfsdqnxynsktdrniwfslj-q___.YzJ1OnRvdGFsYml6ZnVsZmlsbG1lbnQxOmM6bzphNzgyZTcwZjJiMjM3ODlmMzZhNWQ0ZTgzODFhYjE2Mzo3OjE4NGM6NjU0YTU3NjcyNDhlYjcwY2IzNmI0MzRjNmJiYjI3MGM1NDFkYzQ1NmY4NGE0YmExNzQyN2Y4YWJlNjQ1ODljMzpwOlQ6VA
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://protect.checkpoint.com/v2/r01/___https://archive.midrange.com/rniwfslj-q___.YzJ1OnRvdGFsYml6ZnVsZmlsbG1lbnQxOmM6bzphNzgyZTcwZjJiMjM3ODlmMzZhNWQ0ZTgzODFhYjE2Mzo3OjU2MDU6Njk4YWQyZGQ1NzkzNzMzYTQzMTE1Y2I0ZDA2YzI5NzBkOGFmMjIwMTYzYzk3ZGU0ZmFjODY4ZWM3N2EzM2QwZDpwOlQ6VA.

Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related questions.




[CAUTION! This email originated outside of the organization. Please do not open attachments or click links from an unknown or suspicious origin.]

Greg Wilburn
Director of IT
301.895.3792 ext. 1231
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://protect.checkpoint.com/v2/r01/___https://lists.midrange.com/rfnqrfsdqnxynsktdrniwfslj-q___.YzJ1OnRvdGFsYml6ZnVsZmlsbG1lbnQxOmM6bzphNzgyZTcwZjJiMjM3ODlmMzZhNWQ0ZTgzODFhYjE2Mzo3OmE3NzE6NjY2ZDIxMDI0ZjEzYTJiYTExOWY0NWE0ZGZlOTIyNjlmYTU4YmE5YWIzZDVkNzZmOTIzMDEwYWFkOTdmMGQyYTpwOlQ6VA
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://protect.checkpoint.com/v2/r01/___https://archive.midrange.com/rniwfslj-q___.YzJ1OnRvdGFsYml6ZnVsZmlsbG1lbnQxOmM6bzphNzgyZTcwZjJiMjM3ODlmMzZhNWQ0ZTgzODFhYjE2Mzo3OjQzODI6NWE3MjRmOWI5NGJkMTYzODRjYjQ5YWY0ODhiZWUyZjg2ZGVkZTI1ODA0ZDhhMWVkNTE0OWRlMjBhMTNjODNhMjpwOlQ6VA.

Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related questions.

Greg Wilburn
Director of IT
301.895.3792 ext. 1231

As an Amazon Associate we earn from qualifying purchases.

This thread ...


Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.