The TLS certificate we are using is based upon a cross-signed root certificate issued by Comodo. One of the trust pathways expired at around 7:00AM Eastern Time today. The expired trust pathway has been mitigated in modern and updated software systems including web browsers and operating systems. A handful of clients using older (often unmaintained or unsupported) operating systems and versions including RedHat Linux 4.x or old versions of libcurl and OpenSSL) have been experiencing connectivity issues because updates to root certificates were not available on these older systems.
As a mitigating effort, we identified a third possible trust pathway that many of these older clients might be able to utilize with our cross-signed certificate and we added the appropriate intermediate certificates in the chain in order to allow that alternate pathway to be utilized so long as the additional certificate authority (AAA Certificate Services, expiration 2028) is trusted by the system.
For clients that continue to experience ongoing TLS connectivity issues, the only other possible alternative at this point is to manually add the newer version of the AddTrust Certificate Authority to your system "trust store" location: https://support.sectigo.com/articles/Knowledge/Sectigo-AddTrust-External-CA-Root-Expiring-May-30-2020
For additional information on the certificate chain, please utilize the SSL Labs report found here:https://www.ssllabs.com/ssltest/analyze.html?d=api.smartystreets.com&hideResults=on