centos – SSL issues "The Peer certificate issuer has been marked as unapproved by the user."

We have a public development server that requires SSL for a particular function.

Still, anything that uses SSL in any form returns

curl: (60) The issuer of the Peer certificate has been marked as not approved by the user.

This is not a problem of "Well, just use ssl-verify = false on yum, or –insecure on curl queries.

I realize that I can do that on those two to make my calls. But finally, I MUST be able to use SSL because the development for which we use these servers requires it.

It seems that the CA is obsolete. I tried the following
https://access.redhat.com/solutions/1549003

I myself have tried to import the file cacert.pem (although I admit, the knowledge I miss, so it is possible that I was wrong)

I've checked the date / time on the server to make sure it's not the problem.

I can not get the "Network Administrator" (term used in an approximate way because it will be the first to admit that it has absolutely no knowledge of Linux – Microsoft pure) and even be bothered by the reinstallation of Centos on this machine. So I have to find a solution to that.

Any help would be appreciated. Here are some examples of what we get when we try to do things such as yum, curl, and run some execbot –apache running.

YUM

[root@localhost work]# yum reinstall mc
Plugins loaded: the fastest
Loading mirror speeds from the cached host file
Can not get metalink https://mirrors.fedoraproject.org/metalink?repo=epel-
7 & arch = x86_64 error was
14: curl # 60 - "The issuer of Peer's certificate has been marked as not approved by
l & # 39; User ".
* base: repos.dfw.quadranet.com
* epel: mirror.compevo.com
* extras: repos-tx.psychz.net
* updates: mirror.us.oneandone.net
* webtatic: repo.webtatic.com
https://us-east.repo.webtatic.com/yum/el7/x86_64/repodata/repomd.xml: [Errno 
14] curl # 60 - "The issuer of Peer's certificate has been marked as not approved by
l & # 39; User ".
Try another mirror.
It was impossible to connect to the CentOS servers.
This could cause a connectivity problem in your environment, such as
obligation to configure a proxy,
or a transparent proxy that impairs TLS security, or an error
system clock.
You can try to solve this problem by using the instructions on
https://wiki.centos.org/yum-errors
If the article above does not help to solve this problem, please use
https://bugs.centos.org/.

https://uk.repo.webtatic.com/yum/el7/x86_64/repodata/repomd.xml: [Errno 14] 
curl # 60 - "The issuer of Peer's certificate was marked as not approved by the
user."
Try another mirror.
https://sp.repo.webtatic.com/yum/el7/x86_64/repodata/repomd.xml: [Errno 14] 
curl # 60 - "The issuer of Peer's certificate was marked as not approved by the
user."
Try another mirror.
https://repo.webtatic.com/yum/el7/x86_64/repodata/repomd.xml: [Errno 14] 
curl # 60 - "The issuer of Peer's certificate was marked as not approved by the
user."
Try another mirror.

LOOP

[root@localhost work]# curl https://www.google.com
curl: (60) The issuer of Peer's certificate was marked as not approved by the
user.
More details here: http://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle"
public keys from the Certificate Authority (CA). If the defect
bundle file is not adequate, you can specify another file
using the --cacert option.
If this HTTPS server uses a certificate signed by a certificate authority represented in
the package, the verification of the certificate has probably failed due to a
problem with the certificate (it may be expired, or the name may
does not match the domain name in the URL).
If you want to disable certificate verification by curl, use
the -k option (or --insecure).

CERTBOT (FOR REQUEST OF LETSENCRYPT SSL CERT)

[root@localhost work]# sudo certbot --apache
Saving the debug log in /var/log/letsencrypt/letsencrypt.log
Selected Plugins: Apache Authenticator, Install Apache
Enter the e-mail address (used for urgent renewal and security notifications) (Entry
& # 39; c & # 39; to cancel): email@host.com
Launching a new HTTPS connection (1): acme-v02.api.letsencrypt.org
An unexpected error appeared:
SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] failure to verify the certificate
(_ssl.c: 579)
Please see the log files in / var / log / letsencrypt for more details.