[BlueOnyx:22604] Re: Letsencrypt auto-renew failures in 5209R
Michael Stauber
mstauber at blueonyx.it
Tue Jan 22 13:40:46 -05 2019
Hi all,
So it turns out that there is more to the "great LE renewal failure of
2019":
https://community.letsencrypt.org/t/february-13-2019-end-of-life-for-all-tls-sni-01-validation-support/74209
Due to a vulnerability in the protocol LE has disabled the TLS-SNI-01
validation method and that's what the CertBot on BlueOnyx was using for
renewals.
They updated the certbot client to a new version, but hipsters that they
are this client now no longer runs with Python 2.7. Which kicks everyone
using CentOS 6 (5207R/5208R/6108R) into the curbs.
That makes working on a replacement all the more urgent and I'm
currently at it.
--
With best regards
Michael Stauber
More information about the Blueonyx
mailing list