What file do you edit? I´m facing issues installing helium gateway-rs service into my RAK7258 gateway and trying to add my gateway to the blockchain. Everything point to the expired certificate will cause a lot of troubles when we need connect the gateways to new and present systems.
Just found out (after another major outage of gateways) that manually adjusting the Let’s Encrypt certificate after it was updated might not always be enough.
It seems that when the certificate was used before modification (which happens when you adjust it after the automatic update), the gateways not only fail in the period until the new certificate is adjusted, they keep failing on the correctly adjusted certificate. Not even a power cycle of the gateway is enough to resolve this, only by applying the LoRa Network Settings again or a firmware update the gateway starts to work with the adjusted certificate. Unfortunatly this requires us to physically visit each gateway location.
I pushed this issue via our sales contacts to RAK support. They raised it with their development team and I understand the plan is to update the OpenSSL to version 1.1.1. Lets see what is in the next release.
However after a power cycle 1 hour later it would not reconnnect and flood the log with:
daemon.err mqttEv[1949]: mqttEvRdReady: mosquitto [[gwBridgeS Mqtt Client]] loop misc ERR: 4
I applied the LoRa network settings again and finally managed to resolve that as before (as also mentioned by @mtbspace). As that problem appears to be independent from the long certificate chain with OpenSSL issue I created a new topic on it: Daemon.err mqttEv[2031]: mqttEvRdReady: mosquitto [[gwBridgeS Mqtt Client]] loop misc ERR: 4
There is a new firmware 1.3.3 out, although there is no mention of OpenSSL nor certificates in the release notes I will give it a try shortly and check its OpenSSL version.
Quick response from RAK with hopefull news: OpenSSL will be updated in the next firmware update of the WisGateOS1.x in August (worst in early September)