New script telegram3 fails with crl not found in spite of the GoDaddy CA cert being added.
> system/script/run telegram3
Telegram script initiated.
status: failed
failure: SSL: ssl: crl not found for: "CN=api.telegram.org" (6)
On RoS 7.18.1 the solution is to import both the api.telegram.org cert and its CRL which can be found with:
openssl s_client -connect api.telegram.org:443 -showcerts </dev/null 2>/dev/null \
| openssl x509 -noout -text \
| awk '/http/ && /(crl|crt)/'
This logic should be added to the script.
Certs look like:
> certificate/print
Flags: K - PRIVATE-KEY; A - AUTHORITY; I - ISSUED; T - TRUSTED
Columns: NAME, COMMON-NAME
# NAME COMMON-NAME
4 T gdig2.crt_0 Go Daddy Secure Certificate Authority - G2
5 T GoDaddyRootCA.txt_0 Go Daddy Root Certificate Authority - G2
> certificate/crl/print
Columns: CERT, LAST-UPDATE, NUM, REVOKED, URL
# CERT LAST-UPDATE NUM REVOKED URL
0 none 2025-03-07 05:21:00 22 0 http://certificates.godaddy.com/gdroot-g2.crl
1 none 2025-03-07 05:21:01 361 76 http://crl.godaddy.com/gdig2s1-19134.crl
New script
telegram3fails with crl not found in spite of the GoDaddy CA cert being added.On RoS 7.18.1 the solution is to import both the api.telegram.org cert and its CRL which can be found with:
This logic should be added to the script.
Certs look like: