I meant to post this when it happened, and I think I forgot. :-}
The SSL Root cert that underlies Let's Encrypt's root expired on 30-Sept,
and the new root that underlies it is not in the Root Certificate Package of
some still pretty widely deployed OS versions, including OS/X <10.12.1.
Lots of people are getting their certs from Let's these days, including
Wikipedia.
So if you've gotten any reports from the field that people can't access
{websites,your websites} it's worth looking into whether this is why.
Tier 2/3 detail: https://scotthelme.co.uk/lets-encrypt-old-root-expiration/
Cheers,
-- jra
Replies, as always, to -discuss
--
Jay R. Ashworth Baylink j...@baylink.com
Designer The Things I Think RFC 2100
Ashworth & Associates http://www.bcp38.info 2000 Land Rover DII
St Petersburg FL USA BCP38: Ask For It By Name! +1 727 647 1274
_______________________________________________
Outages mailing list
Outages@outages.org
https://puck.nether.net/mailman/listinfo/outages
