chef-solo ssl issue with lets encrypt

Question

I am running a knife solo cook and started getting this error below. Did some searching and it seems it is due to the LetsEncrypt SSL ca needing updates. I updated these on the server and can wget the URL below just fine. But I still get this error w/ chef. I wasn't sure if there was some cache (I did clear out the local-mode-cache dir) or something I am missing here. Any help would be great! Thanks.

================================================================================ Error executing action add on resource 'postgresql_repository[pg repo]' ================================================================================

OpenSSL::SSL::SSLError
----------------------
apt_repository[postgresql_org_repository] (/home/ubuntu/chef-solo/local-mode-cache/cache/cookbooks/postgresql/resources/repository.rb line 76) had an error: OpenSSL::SSL::SSLError: remote_file[/home/ubuntu/chef-solo/local-mode-cache/cache/https___download_postgresql_org_pub_repos_apt_ACCC4CF8_asc] (/opt/chef/embedded/lib/ruby/gems/2.5.0/gems/chef-14.1.1/lib/chef/provider/apt_repository.rb line 199) had an error: OpenSSL::SSL::SSLError: SSL Error connecting to https://download.postgresql.org/pub/repos/apt/ACCC4CF8.asc - SSL_connect returned=1 errno=0 state=error: certificate verify failed (certificate has expired)

Resource Declaration:
---------------------
# In /home/ubuntu/chef-solo/local-mode-cache/cache/cookbooks/rails_app/recipes/postgresql_server_single.rb

Answer 1

Update - I was able to solve this by editing /opt/chef/embedded/ssl/certs/cacert.pem on the server and removing the DST Root CA X3 certificate.