Let's Encrypt / older servers
Cantor, Scott
cantor.2 at osu.edu
Thu Oct 14 15:35:36 UTC 2021
This popped up on a Slack thread, and I thought it might be worth noting, but I guess Let's Encrypt hit a cross-over point with their cert chain(s) recently and one of the old roots that I guess is baked into at least CentOS 7's OpenSSL client expired 2 weeks ago.
I don't imagine this will affect too many, but if you have programmatic tools that are hitting shibboleth.net it might bite. It's not an artifact of the server move, just happened to coincide on the calendar. All the intermediates are valid so the server's providing the right things, it's the root that expired.
-- Scott
More information about the users
mailing list