! Peer certificate cannot be authenticated with given CA certificates


I am trying to use the {connectapi} package to set the schedule of a .qmd file on Posit Connect.

So the .qmd file runs and does what it does, then at the end of the script I have this bit of code:

client <- connectapi::connect(
  server = Sys.getenv("CONNECT_SERVER"),
  api_key = Sys.getenv("CONNECT_API_KEY"))

file_qmd <- connectapi::content_item(client, 

file_qmd _variant <- connectapi::get_variant_default(file_qmd)
file_qmd _sched <- connectapi::get_variant_schedule(file_qmd _variant)
connectapi::set_schedule_dayofmonth(file_qmd _sched,
                                    n = 1,
                                    start_time = sched_time,
                                    day = sched_day,
                                    activate = TRUE,
                                    email = TRUE)

The code runs and works as expected on my local machine/ RStudio. The {connectapi} package updates the scheduling of the app on Posit Connect.
I want to deploy this to Posit Connect so that each time it runs it self-updates to the next schedule date.

However, I am coming across this error while deploying:

Quitting from lines 344-374 [unnamed-chunk-14] (file_push.qmd)
Error in `curl::curl_fetch_memory()`:
! Peer certificate cannot be authenticated with given CA certificates: [rsconnect-pp] Peer's Certificate issuer is not recognized.
 1. connectapi::connect(server = Sys.getenv("CONNECT_SERVER"), api_key = Sys.getenv("CONNECT_API_KEY"))
 2. base::tryCatch(...)
 3. base (local) tryCatchList(expr, classes, parentenv, handlers)
 4. base (local) tryCatchOne(expr, names, parentenv, handlers[[1L]])
 5. value[[3L]](cond)
Execution halted
Stopped session pings to
Unable to render the deployed content: Rendering exited abnormally: exit status 1

Is what I am trying to do possible/ easy? Do I need to include some other files (maybe SSL certificates, etc.?).

A colleague figured out the issue:

"I had to add the intermediate certificates to the trust store. Because it's calling the API from within the same server for some reason they are not being sent correctly so you get the certificate issuer error."

Hope this helps people!