MediaWiki with Parsoid Error 60
Jump to navigation Jump to search seems like there's a problem with STUNNEL if a Let's Get Encrypted Certificate is renewed (automatically or manually) without restarting the STUNNEL service.

IE, if you're getting a "Peer certificate cannot be authenticated with given CA certificates", restart the STUNNEL service and then restart the HTTPD Service (or whatever web service you're using). Until that is done, it appears the STUNNEL service "caches" the previous certificate, IE loads it upon start and keeps it, even if the underlying file (certificate) has been changed.

My hint was noticing that when accessing the website using HTTPS, the certificate was different when checking directly against the Parsoid Service (https://WhatEverWebSite:WhatEverPort). It differed by one month, which fits exactly with when Let's Encrypt automatically renews certificates.