[SR-Users] Let's Encrypt DST Root CA X3 cert CA expiration 30th/Sept - Any issues?
Sergiu Pojoga
pojogas at gmail.com
Fri Oct 8 19:49:02 CEST 2021
Like our comrades at APIBAN. Had to patch the CA list on older linux
distros to get this restarted.
Oct 8 10:20:21 kamailio[8476]: WARNING: http_client [functions.c:308]:
curL_request_url(): TLS server certificate validation error (No valid CA
cert) (url: https://apiban.org/api/...)
@Fred, all good out there bud? lol
On Fri, Oct 8, 2021 at 12:30 PM Maxim Sobolev <sobomax at sippysoft.com> wrote:
> Some of our internal API have started to fail and most of software update
> routines jammed up as a result until we figured out how to cope with that
> issue.
>
> Not the first one and certainly not the last. In general PKI/TLS is by
> design prone to issues like this and I am sad industry has not come up with
> anything better yet to communicate over insecure channels. :( Noise
> protocol certainly holds lots of potential in my view but mills of IETF
> mill slowly, so we are going to be suffering for many years to come I am
> afraid.
>
> -Max
>
>
> On Fri., Oct. 8, 2021, 8:23 a.m. Henning Westerholt, <hw at skalatan.de>
> wrote:
>
>> Hello,
>>
>>
>>
>> in total we had three customer incidents (two server related, one client
>> related) because of this, one of them was a major incident.
>>
>>
>>
>> Cheers,
>>
>>
>>
>> Henning
>>
>>
>>
>> --
>>
>> Henning Westerholt – https://skalatan.de/blog/
>>
>> Kamailio services – https://gilawa.com
>>
>>
>>
>>
>>
>>
>>
>> *From:* sr-users <sr-users-bounces at lists.kamailio.org> *On Behalf Of *Joel
>> Serrano
>> *Sent:* Friday, October 1, 2021 9:05 PM
>> *To:* Kamailio (SER) - Users Mailing List <sr-users at lists.kamailio.org>
>> *Subject:* [SR-Users] Let's Encrypt DST Root CA X3 cert CA expiration
>> 30th/Sept - Any issues?
>>
>>
>>
>> Hello,
>>
>>
>>
>> I'm wondering if anyone had any issues yesterday with the expiration of
>> the DST Root CA X3 cert?
>>
>>
>>
>> Out of all the servers I manage, only a couple were affected (debian 8).
>> They were production servers so we replaced the cert with a different one
>> to solve the issue while we find the root cause.
>>
>>
>>
>> Anyone out there had any issues yesterday because of this? I'm just
>> curious!
>>
>>
>>
>> Joel.
>> __________________________________________________________
>> Kamailio - Users Mailing List - Non Commercial Discussions
>> * sr-users at lists.kamailio.org
>> Important: keep the mailing list in the recipients, do not reply only to
>> the sender!
>> Edit mailing list options or unsubscribe:
>> * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>
> __________________________________________________________
> Kamailio - Users Mailing List - Non Commercial Discussions
> * sr-users at lists.kamailio.org
> Important: keep the mailing list in the recipients, do not reply only to
> the sender!
> Edit mailing list options or unsubscribe:
> * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20211008/f71305dd/attachment.htm>
More information about the sr-users
mailing list