Okay, it's back up and working properly with older git clients. The problem was that git from very recent distributions linked against gnutls and did not support elliptic curve certificates.
Hacking the library to ask Let's Encrypt for RSA certificates instead fixed the problem. On Wed, Nov 2, 2016 at 9:10 AM, Gustavo Niemeyer <gust...@niemeyer.net> wrote: > I've reverted it temporarily as I'm observing a large number of these > messages, certainly from old git clients: > > tls: no cipher suite supported by both client and server > > Will investigate and redeploy soon. > > On Wed, Nov 2, 2016 at 8:32 AM, Gustavo Niemeyer <gust...@niemeyer.net> > wrote: > >> Hello all, >> >> After complaints about the previous StartCom TLS certificate, it was >> moved over to Let's Encrypt's dynamic generation of certificates using the >> autocert package [1]. >> >> It's also been updated to be deployed as a snap [2], which means it's >> better confined inside its system and a bit easier for me to maintain and >> replicate. >> >> Finally, I also took this chance to move over the primary to a different >> provider and datacenter. The deployment continues to have automatic >> failover across datacenters and cities. >> >> >> Please do let me know if you observe any hiccups. >> >> >> [1] https://golang.org/x/crypto/acme/autocert >> [2] http://snapcraft.io >> >> >> gustavo @ http://niemeyer.net >> > > > > -- > > gustavo @ http://niemeyer.net > -- gustavo @ http://niemeyer.net -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
