>> The client side does lots of logging. >> Is there anything interesting in your logs?
> NTSc: certificate invalid: 20=>unable to get local issuer certificate That says it can't find the root certificate for ntp1.glypnod.com Everything else looks good. ntp1 and ntp2 are also in ntp.glypnod.com. That's a slightly more complicated case which might be confusing LibreSSL. Try ntp4.glypnod.com ntp1.glypnod.com is using Let's Encrypt. The root cert should be in your root cert collection. So maybe LibreSSL isn't looking in the right place. You can also try something like: server ntp1.glypnod.com nts ca /etc/.../ISRG_Root_X1.pem You will have to poke around on your system to find the right file. That's probably the right file name so a simple locate might find it for you. On my system (Fedora) it's in /etc/pki/ca-trust/extracted/pem/directory-hash/ISRG_Root_X1.pem -- These are my opinions. I hate spam. _______________________________________________ devel mailing list [email protected] https://lists.ntpsec.org/mailman/listinfo/devel
