I’ve been using a third-party library (pyTwitchAPI) for subscribing to stream.online events for a few months. But last week my app stopped working out of the blue, with no code change on my part.
I checked with several library users but everything is fine with them. I’ve yet to do more thorough debugging but I strongly suspect this has something to do with my X.509 certificate, which is issued by Let’s Encrypt.
More precisely my cert is issued by ‘Let’s Encrypt R3’, which was cross-signed by both a valid root (ISRG Root X1) and another root (IdenTrust) which expired on September 30th. Which is exactly the day my app stopped working.
It’s related to some issues e.g. a plain wget on my server from my Debian 10 fails with a ‘certificate has expired’ error, even though I’m actually presenting the new, valid root.
Could it be that Twitch stopped trusting the R3 certificate altogether because of the cross-signature?