Hi everyone, I suspect my rancher server is not returning the cacert chain correctly. when I do

curl <https://rancher-domain.com/ping>

I get

curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: <https://curl.se/docs/sslcerts.html>

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.

The real reason why I'm pondering on this is, suddenly my cluster agent moved to a disconnected state on my rancher ui, eventhough I'm able to access the cluster using the kubeconfig obtained from rancher.

INFO: Using resolv.conf: search cattle-system.svc.cluster.local svc.cluster.local cluster.local ec2.internal us-west-2.compute.internal nameserver 10.100.0.10 options ndots:5
INFO: <https://rancher-domain.com/ping> is accessible
INFO: rancher-domain.com resolves to 35.85.190.153
INFO: Value from <https://rancher-domain.com/v3/settings/cacerts> is an x509 certificate
time="2025-04-22T05:24:52Z" level=info msg="Listening on /tmp/log.sock"
time="2025-04-22T05:24:52Z" level=info msg="Rancher agent version v2.8.0 is starting"
time="2025-04-22T05:24:52Z" level=info msg="EnsureSecretForServiceAccount: waiting for secret [cattle-token-mxsnb] to be populated with token"
time="2025-04-22T05:24:52Z" level=info msg="Connecting to <wss://rancher-domain.com/v3/connect/register> with token starting with 8f2bfsxdtz8b7rlcwffmbwnzljt"
time="2025-04-22T05:24:52Z" level=info msg="Connecting to proxy" url="<wss://rancher-domain.com/v3/connect/register>"

in the log I could also see that the ping command had worked eventhough it didn't work on my curl. would be grateful for any help!