Couple of things about that post. You should use port 8444 on that line (8447 is to check farmer’s cert).
I checked one of those nodes, and luckily the port was open. Here is what you need to look for:
CONNECTED(00000003)
depth=1 O = Chia, CN = Chia CA, OU = Organic Farming Division
verify error:num=19:self signed certificate in certificate chain
140378145167248:error:140790E5:SSL routines:ssl23_write:ssl handshake failure:s2 3_lib.c:177:
---
Certificate chain
0 s:/CN=Chia/O=Chia/OU=Organic Farming Division
i:/O=Chia/CN=Chia CA/OU=Organic Farming Division
1 s:/O=Chia/CN=Chia CA/OU=Organic Farming Division
i:/O=Chia/CN=Chia CA/OU=Organic Farming Division
Basically, that is chia’s signature there (there are more chia related stuff there).
That means that those peers you have on that screenshot are legit, and your side is struggling. So, no need to check more of them, just run it once to get used to that command.
Once you see the result, switch that IP to your local / private IP. If you are running that command from your node, most likely you can use 127.0.0.1
The output from your node should more or less match what you get from those other peers (maybe not cert data, but all the other info.
Just to be on the sane side, check your config.yaml what is your wallet’s port (should be 8447), and run that command also against that one.
Kind of recalling one previous issue about it, there is a chance that somehow you have mixed up certs, and they may still be valid chia certs, but not for that service. Just check if you have those entries there:
full_node:
ssl:
private_crt: config/ssl/full_node/private_full_node.crt
private_key: config/ssl/full_node/private_full_node.key
public_crt: config/ssl/full_node/public_full_node.crt
public_key: config/ssl/full_node/public_full_node.key
and
wallet:
ssl:
private_crt: config/ssl/wallet/private_wallet.crt
private_key: config/ssl/wallet/private_wallet.key
public_crt: config/ssl/wallet/public_wallet.crt
public_key: config/ssl/wallet/public_wallet.key
Just pay attention whether what follows config/ssl/ is what the main section is (i.e., full_node and wallet respectively).
That part is irrelevant to the problem. Assuming that the port is closed, your node will be reaching out to other peers. From protocol point of view, there is zero difference whether connection is in- or out-band (it only matters for the health of the overall network).
All those things are irrelevant as long as you are not going to fix that SSL issue.
The only thing that you should worry right now is your config.yaml and .chia/mainnet/config/ssl folder and what is in those service specific subfolders.