[BlueOnyx:25155] Re: Let's Encrypt CA cert expiry - permanent fix published
Michael Stauber
mstauber at blueonyx.it
Sun Oct 3 17:22:06 -05 2021
Hi Meaulnes,
> thank you for the fix! Can you please also update the Aventurin{e}
> 6109R, too?
I just published Aventurin{e} 6109R YUM updates as well.
> I get there this expired error
>
> Although, strange enough, a click on the browser certificate icon reads
> the following:
>
> Issued by: R3
> Expires: Wednesday, 8 December 2021 at 01:20:22 Central European
> Standard Time
> (x) "R3" certificated has expired
>
> Not Valid Before Thursday, 9 September 2021 at 02:20:23 Central
> European Summer Time
> Not Valid After Wednesday, 8 December 2021 at 01:20:22 Central
> European Standard Time
>
> The certificate isn't accepted although it has a valid date...
When you have the updates installed, try to request new LE certs for the
affected domains.
How OS's, browsers and clients treat LE certs with the expired root cert
depends on how they implement SSL. Once you have the server side updates
installed and have new LE certs issued, you're as good as it gets on the
server end.
The /r/sysadmin reddit has a few pointers for anything beyond the
general scope of BlueOnyx/Aventurin{e}:
https://www.reddit.com/r/sysadmin/comments/py3wsw/lets_encrypt_dst_root_ca_x3_expiry_certificate/
https://www.reddit.com/r/sysadmin/comments/pzags0/lets_encrypts_dst_root_ca_x3_expired_yesterday/
--
With best regards
Michael Stauber
More information about the Blueonyx
mailing list