Occasionally we have devices which can’t sync with NTP, so we have a container update system time by sending an http request to api.balena-cloud.com/ping and manually updating the time.
Recently there have been a few instances where the request fails because of an SSL certificate error. I have found a workaround of disabling SSL verification but I don’t want to do that by default. Once I use the workaround, the request succeeds and time is updated. After this point, the device does not need to ignore SSL to complete future requests.
Is there some sort of dependence on the correct time for SSL? If so I guess a better implementation would be to attempt with SSL and if that fails then attempt without?