Let’s Encrypt Changes Affecting Memberium Sites [Updates]

Memberium Team
Memberium Team
This Article Applies to

We received reports from users who are getting the errors below:

  • Memberium cannot connect to CRM: “Invalid API Key (328): ERROR: 8 – cURL error: SSL certificate problem: certificate has expired”
  • Memberium License not picking Up: “Loading Remote Page Content Failed: cURL error 60: SSL certificate problem: certificate has expired”

There was an SSL change announced last May which took effect September 30th. Most likely your server has not been updated, and that is what is causing this issue.

“On September 30, 2021, there will be a small change in how older browsers and devices trust Let’s Encrypt certificates. If you run a typical website, you won’t notice a difference – the vast majority of your visitors will still accept your Let’s Encrypt certificate.” – LetEncrypt 

Here’s the bulletin on the SSL issue from May 7, 2021
https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/

How to resolve the problem for “Loading Remote Page Content Failed: CURL error 60: SSL certificate problem: certificate has expired”

There was an SSL change announced last May which took effect September 30th. Most likely your server has not been updated, and that is what is causing this issue.

Here’s a link to the notice:
https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/

Option 1:
You need to reach out to your hosting provider and let them know that your server needs to make SSL connections to other servers and that you need your OpenSSL certificate trust list updated.

Your website’s plugins need to make API calls to other websites using the Let’s Encrypt SSL certificates. The root certs for Let’s Encrypt changed on September 30.

Your website’s OpenSSL root cert trust list is out of date, and has the old root certs in it, and cannot very/connect over SSL API’s to other servers using Let’s Encrypt SSL certs.

Your website team needs to update their OpenSSL certificate root bundles, and possibly reboot the server for it to be fixed.

Once that’s done, your server may need a reboot. This is NOT related to your site’s SSL certificate.

You can send this to your hosting provider:

Hello,

It appears my web server can’t make SSL API connections to other servers, and it appears you’ll need to update OpenSSL certificate trust list on my web server or my website to make that work.Please note this is NOT related to my SSL certificate.

This is the error I am seeing:
“cURL error 60: SSL certificate problem: certificate has expired”

Again, this is not related to my SSL certificate, but with OpenSSL certificate trust list on the web server my website is on.

Here’s the bulletin from last May from Let’s Encrypt about the SSL updates:
https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/

Also, here’s an article which should help you fix this even faster:
https://wp-kama.com/note/error-making-request-wordpress

Thanks,

How to resolve the problem for “Invalid API Key (328): ERROR: 8 – CURL error: SSL certificate problem: certificate has expired”

Option 1:
You need to reach out to your WebHost and let them know that your server needs to make SSL connections to other servers and that you need your OpenSSL certificate trust list updated.

Once that’s done, your server may need a reboot. This is NOT related to your site’s SSL certificate.

 

Option 2 (For Keap/Infusionsoft):
Use OAuth API Connection instead of using the Legacy API.

In order for you to enable OAuth API, you can navigate to Memberium => Settings => Performance tab and in there enable the “Beta OAuth API” option.

In order to be able to enable this option, you need to make sure a standalone i2SDK plugin is not used (you can verify this under the Plugins section and making sure there’s no i2SDK plugin). If you are using i2SDK, then we recommend disabling Memberium, then removing i2SDK, and then activating Memberium again.

Note: i2sdk is no longer required for Memberium since it is already built-in with Memberium. You can safely deactivate and delete this plugin if your Memberium is v2.182 and above.

After that is enabled, you’ll navigate to Memberium => Keap Connections section and connect to your Keap app.

How to resolve ActiveCampaign Webhooks Not Working
(As related to this issue)


We’ve contacted ActiveCampaign support and they’ve confirmed their servers will need to update the certificate trust (similar to what your webhost needed to do as mentioned above). The only workaround is to move away from Let’s Encrypt SSL until ActiveCampaign can update things on their end. Other certificate providers would work and not be affected by the recent changes at Let’s Encrypt.

We’d assume they are working on this as a top priority as it is likely affecting many customers.

 

 

If you have further questions, please feel free to contact us at support@memberium.com

Need Help With This? Get Help Instantly
  • Was this Helpful?
  • YesNo
9 ways to add more value to your membership site

Table of Contents

This Article Applies to

Keep Reading

Want to get some fresh ideas on how you can improve your membership site or course?

Download our free ebook!

DOWNLOAD IT NOW

Book a Call

Welcome to Memberium!

We are very excited for you to be part of our family. 

We would love to answer any questions that you have!

Please choose the best time for you to get in a call with us. 

For Technical Support, you can contact us at https://keap.memberium.com/support/ or Email us at support@memberium.com.

sales@memberium.com

https://keap.memberium.com/