alt Hacker NewsMany Let's Encrypt renewals had errors today
Comments
That explains why one of my IoT vendors is using an expired certificate.
I wish Firefox would just give a mild warning for a recently expired certificate, instead of treating it the same as a true man-in-the-middle attach. It's not like someone who couldn't factor the private key in 200 days could in 201 days or even 300 days.
I'm convinced that we'd have better security, if we didn't have so much security theater. You'd think TLS is useless, from the warning my phone gives if I connected to a public Wi-Fi AP, but then again there's nothing in TLS (or WPA) that prevents it from being used in a way that is completely useless: https://www.youtube.com/watch?v=M1si1y5lvkk
To be clear, “Degraded Performance” means just that, not “down.” Let’s Encrypt’s issuance is mostly working fine.
Seems not ideal for an entity who seems to be pushing for shorter expiration periods all the time
What are the viable alternatives to LE? And in case none exists, what does it take to build one?
Requirements: free, available to everyone, automation friendly, issues certificates that are actually considered trustworthy by other parties.
I realize this is very much not the point, but the fact that the "Active Incident" banner is green is upsetting.
It's a good thing that acme clients try to renew early, rather than leaving it to the last minute...
thats too bad
The amount of misinformation on this site is astonishing. "Hacker News"..
:(
Let's Encrypt has been working normally for most of the day. There was a ~90 minute period during which some of our users would have received a higher error rate due to upstream networking issues, but the majority of requests were successful even during that period.
It seems our status.io notes are being misinterpreted as much more severe than they were intended to reflect.
Edit: Note that this was written in response to a previous submission title implying that Let's Encrypt was entirely down most of the day.