SSL certificate is not valid when the server is connecting itself

apache-2.2 ssl ssl-certificate ubuntu lets-encrypt 
Certificate chain
 0 s:CN = local.mydomain.com
   i:C = US, O = Let's Encrypt, CN = R3

The server is misconfigured and only sends an incomplete chain, missing the intermediate certificates. A properly configured site should instead return an additional intermediate certificate, leading to ISRG Root X1. Let's Encrypt has an example server for this:

$ openssl s_client -connect valid-isrgrootx1.letsencrypt.org:443
...
Certificate chain
 0 s:CN = valid-isrgrootx1.letsencrypt.org
   i:C = US, O = Let's Encrypt, CN = R3
 1 s:C = US, O = Let's Encrypt, CN = R3
   i:C = US, O = Internet Security Research Group, CN = ISRG Root X1

When using another computer ... Chrome shows that certification is valid.

Browser will usually successfully work around such misconfiguration by downloading the missing intermediate certificates or using cached copies. Other clients will not. So it's not a good idea to only check if it works with the browser. Use instead sites like SSL Labs which would report "chain issues" as problem in your case.

Related

How do I find the openssl libraries on Linux (Debian buster)
What happens when there's no custom chain to jump in a table in iptables?
Nginx reverse proxy for two webapplications
What could be causing twitterbot to take 6s to download small image assets?
cron/php how to run command as a non root user
Same DNS names, private ip-addresses used over multiple AZURE Corporate Accounts
Intermittent SERVFAIL from different locations - how to diagnose and fix?
What does passing the -xe parameters to /bin/bash do
How do I validate an RSA SSH public key file (id_rsa.pub)?
How to sort ps output by process start time?
Why use Chef/Puppet over shell scripts?
How to check what port mysql is running on