Part of the problem is that in September 2021, DST Root CA X3 certificate expired (the older root CA that Let’sEncrypt certs were using). Old versions of OpenSSL and maybe other TLS libraries were affected.
There may be something on your system that prevents you from using the latest OpenSSL library. The latest version of the 16.04 backports repo works fine (that’s why I managed to claim an agent from an Ubuntu 16.04 container), but a lot of 16.04 software can’t use it.
I list some options, I think in ascending level of difficulty/risk, that you can try to fix the issue. Try the agent claiming process after trying each of them:
Upgrade all your system packages.
From the screenshot you provided above, it seems not all your packages are using the last version, I suggest to try a system upgrade, to discard any versioning issue on your side. To update the system run:
apt-get update && apt-get upgrade.
Reconfigure the ca-certificates package
Maybe the reason is that some application is still using the old Root CA cert to validate our domain, one option would be to remove the expired CA file from your trusted certificates. In order to do that, you can reconfigure the package ca-certificates running:
To the question “Trust new certificates from certificate authorities?” choose “yes”.
On the next screen, avoid selecting DST_Root_CA_X3.pem certificate.
use a static version of netdata
Other option would be to install an static version of netdata, you can find more information at Netdata’s learn site.
Use a more recent Ubuntu version
If after all the above it still doesn’t work, maybe the only option is to use a newer version of Ubuntu.