Thanks for reaching out. Can you provide a bit more details on how the cert is signed? And, the output of ssl query: $ echo | openssl s_client -showcerts -servername registry.{mydomain} -connect registry.{xxxxx.xx}:443 2>/dev/null | openssl x509 -inform pem -noout -text
We have added support for ACME v2 (certs: Add support for an ACME certificate provider by richbayliss · Pull Request #38 · balena-io/open-balena · GitHub) and if you signed cert is from one. Then the cert-provider container logs can provide additional details: open-balena/cert-provider.sh at bea552de6ab1df05c20c1f0ee44b173fdaac2704 · balena-io/open-balena · GitHub
Also, we have a similar issue where the user was able to run with Let’s Encrypt signed cert [ref: Using real (not self-signed) certificates - #177 by DistgenAl]