Comment # 1 on bug 1191220 from Thorsten Kukuk

This looks like the same problem as all non-webbrowser based tools we have:

kukuk@f05:~> curl https://defiant.thkukuk.de
curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: https://curl.haxx.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
kukuk@f05:~> wget https://defiant.thkukuk.de
--2021-10-01 13:26:31--  https://defiant.thkukuk.de/
Resolving defiant.thkukuk.de (defiant.thkukuk.de)...
fd21:4d9a:50d0:b2ba:172:17:0:1, 172.17.0.1
Connecting to defiant.thkukuk.de
(defiant.thkukuk.de)|fd21:4d9a:50d0:b2ba:172:17:0:1|:443... failed:
Verbindungsaufbau abgelehnt.
Connecting to defiant.thkukuk.de (defiant.thkukuk.de)|172.17.0.1|:443...
connected.
ERROR: cannot verify defiant.thkukuk.de's certificate, issued by ���������CN=R3,O=Let's
Encrypt,C=US���������:
  Unable to locally verify the issuer's authority.
To connect to defiant.thkukuk.de insecurely, use `--no-check-certificate'.

Same if you use ldap, imap, or other tools with this certificate.
firefox, chrome, other webbrowsers and Android have no problem, only
non-webbrowsers on SLE15 SP3 and Tumbleweed. But e.g. Fedora and Ubuntu have
the same problems, webbrowser works, wget/curl not. So no idea what's wrong
here. 

There is an old bug report from me about this already for SLE15 somewhere.