this post was submitted on 09 May 2026
22 points (95.8% liked)

Fediverse

42046 readers
90 users here now

A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, Mbin, etc).

If you wanted to get help with moderating your own community then head over to !moderators@lemmy.world!

Rules

Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration)

founded 2 years ago
MODERATORS
ruud@lemmy.world
Xylinna@lemmy.world
MrCenny@lemmy.world
TragicNotCute@lemmy.world
automodbeta@lemmy.world
woelkchen@lemmy.world
22
discuss.online having SSL cert issues (lemmy.ca)
submitted 5 days ago* (last edited 4 days ago) by mote@lemmy.ca to c/fediverse@lemmy.world
8 comments fedilink hide all child comments
 
$ date -u
Sat May  9 10:15:48 AM UTC 2026

Hi all, it looks like discuss.online's automatic SSL juju didn't work right and the existing cert expired just a bit ago:

$ curl -vI https://discuss.online/
...
* Server certificate:
*   subject: CN=discuss.online
*   start date: Feb  8 06:59:01 2026 GMT
*   expire date: May  9 06:59:00 2026 GMT
*   issuer: C=US; O=Let's Encrypt; CN=E8

I'm sure it'll get fixed, but ... this is where the Far Side comics are hosted. 911 yall break glass beep the pagers we've got a code 2319 people. Save the cows.

Update awhile later: SSL cert was replaced. The cows have tools, which leads to engineering degrees and rapid repairs.

you are viewing a single comment's thread
view the rest of the comments
[–] SrMono@feddit.org 3 points 5 days ago* (last edited 1 day ago) (3 children)

Let’s encrypt reported an incident yesterday. The issuing stopped working on their end. They were working the problem already.

Edit: pure speculation as the timing of the incident matches. Could also be a bodged update routine, or something else.

[–] solrize@lemmy.ml 5 points 5 days ago (2 children)

I don't think that was the problem. Auto renewal should have been a month ago.

[–] Enoril@jlai.lu 1 points 5 days ago (1 children)

/agree.

For those who don't know, the default certificate update bots working with let's encrpt checks everyday the server certificate and replace it when its expiration date is in less than a month.

This delay let enough time to fix any update issues (on your side or let's encrypt side) that could occur. These systems works quite well and for free!

So definitely not an responsibility of let's encrypt here.

[–] SrMono@feddit.org 0 points 5 days ago* (last edited 5 days ago) (1 children)

In would be cautious with words like definitely. You don’t know if the client works automatically or people request certs manually and just slipped into the downtime.

Both issues (bad practice and bad timing) could have in a fringe accident coincided.

But my first message read to certain, too. Updated that with an edit.

[–] Enoril@jlai.lu 0 points 1 day ago (1 children)

definitely with a 99.9999999% score :)

If it was really an let's encrypt issue, lot of people would have complained. Servers all around the world would have returned errors. I would have a lot of issues but nothing happened, certificates were issued normally.

If they are issuing certificate with let's encrypt manually, it's their fault as let's encrypt ecosystem is made to be automatic in the first place.

SSL deployment were highly a painful process before let's encrypt but now, it's so easy. i love it.

[–] SrMono@feddit.org 1 points 1 day ago* (last edited 1 day ago)

There was a short let’s encrypt error just in that timeframe. Doesn’t mean that all cert updates fall in that window and “servers around the world”…

Also. I know my fair share on manual, semi-manual and thank lord automatic certification.

Oh. Your post was a rage bait? Well done.

https://cybersecuritynews.com/lets-encrypt-halts-certificate-issuance/ May 9, 2026

[–] mote@lemmy.ca 3 points 5 days ago

Oh my, that sounds bad. I wonder how many certs were up for renewal... thanks for sharing I didn't see this in the news.

[–] UndergroundParking@lemmy.cafe 1 points 4 days ago

Certbot renews the cert 2 weeks before expiry. I suspect either a broken cronjob or a missing webserver reload.