I meant to post this when it happened, and I think I forgot. :-} The SSL Root cert that underlies Let's Encrypt's root expired on 30-Sept, and the new root that underlies it is not in the Root Certificate Package of some still pretty widely deployed OS versions, including OS/X <10.12.1.
Lots of people are getting their certs from Let's these days, including Wikipedia. So if you've gotten any reports from the field that people can't access {websites,your websites} it's worth looking into whether this is why. Tier 2/3 detail: https://scotthelme.co.uk/lets-encrypt-old-root-expiration/ Cheers, -- jra Replies, as always, to -discuss -- Jay R. Ashworth Baylink j...@baylink.com Designer The Things I Think RFC 2100 Ashworth & Associates http://www.bcp38.info 2000 Land Rover DII St Petersburg FL USA BCP38: Ask For It By Name! +1 727 647 1274 _______________________________________________ Outages mailing list Outages@outages.org https://puck.nether.net/mailman/listinfo/outages