I have a signed CA certificate which I installed on my Apache webserver. The certificate is valid and is signed by internal CA. I spun another Linux instance and tried curling the address but I am not sure why curl is complaining about legitimacy of the server.

curl https://website.local
curl: (60) SSL Certificate problem: self signed certificate in certificate chain
More details here: https://curl.haxx.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could nt establish a secure connection to it. 

i was using a self signed certificate before that I generated using openssl. I was getting the same message but that made sense. This doesn't as the certificate is signed and I checked the entire certificate chain and it appears to be valid.

Please can someone help me understand, where am I wrong?

PS: The CA signed certificate is NOT installed on any other instances. The only certificate installed is on the Apache webserver.

I got an internal CA certificate now and I installed that and now I am getting a something different. This message is from an instance which doesn't have CA certificate installed and is curling the address of an instance which has the CA certificate installed.

curl performs SSL certificates verification by default, using a "bundle" of Certificate Authority (CA) public keys (CA certs)> If the default bundle file isn't adequate, you can specify an alternate file using the --cacert option.

There's more to the message I guess subject experts will know what follows. Why is it throwing error when there is an internal CA certificate installed?