Welp, Let's Encrypt screwed the pooch again

1 year ago
Can anyone tell me in small words how to fix this?

postfix/smtpd: warning: TLS library problem: 6374:error:14094415:SSL routines:ssl3_read_bytes:sslv3 alert certificate expired:s3_pkt.c:1493:SSL alert number 45:

Re-running "certbot renew" does nothing.

Running "openssl x509 -enddate -noout -in" on every .crt file I can find shows expiration dates in the future, including /etc/letsencrypt/live/dnalounge.com/fullchain.pem (smtpd_tls_cert_file) and /etc/pki/tls/certs/ca-bundle.crt (smtpd_tls_CAfile).

CentOS 7.9, certbot 1.11.0 which appears to be the latest.

Rather than actually providing instructions for how to fix whatever they fucked up, they just refer you to the "support" "forum", both words of which are highly aspirational.

bai0:

@letsencrypt Nothing brightens my day like users asking me why something stopped working right as I'm wrapping up for the day, only to find a service I'm forced to rely on has changed something, and the first response in the forum thread they link to tells me I'm incompetent and don't care

Update: Great news, everybody! When you run "openssl x509 -enddate -noout -in" on a file that has a thousand certs in it, it only reports on the first one! Because obviously that's exactly what you'd want and expect. So it looks like /etc/pki/tls/cert.pem had one expired cert in the middle, which maybe is the problem? This suggested that "yum update ca-certificates" might fix it, but I'm not sure if that helped yet. Maybe?

Previously, previously, previously.

20 Comments
Tags: , , , , , ,

Animatronics That Didn't Make It Into The Thing Remake

1 year ago
Many people were frustrated with the special effects being largely CG on the final cut. What a lot of people don't know is that practical versions for almost all the effects were made and many even shot first! However, many were replaced entirely by CG for the release.



Previously, previously, previously.

3 Comments
Tags: , , , , , ,

Like content moderators, but with guns.

1 year ago
When are podunk sheriffs going to start knocking on the doors of Facebook data centers, though?

Judge Sides with Teen Threatened by Sheriff Over COVID Social Media Post: 'The First Amendment Is Not a Game Setting for the Government to Toggle Off and On'

The teen posted about her illness on Instagram three times, saying she would be out of school for a while due to "having the COVID-19." After her symptoms worsened and she returned to the hospital she posted another photo showing her in a hospital bed with the caption "Winning the fight with Covid-19."

Several days later, Sgt. Klump went to the Cohoon residence and told Cohoon's parents that his office had received a complaint from the school's superintendent about Amyiah's posts, demanding she delete the pictures.

"Sergeant Klump stated that he had direct orders from Sheriff Konrath to demand that Amyiah delete this post, and, if she did not, to cite Amyiah and/or her parents for disorderly conduct and to 'start taking people to jail,'" the complaint stated.

Previously, previously, previously.

5 Comments
Tags: , , , ,

Mandate Season

1 year ago
Shockingly, loudmouth antivaxxer idiots don't have the strength of their convictions. We talked to some ignorant rubes in a local diner to find out more.

It's mandate season; we're finding out that rumors about people who said they'd quit before getting vaccinated were greatly overstated. But it also means that every outlet on the planet is writing about the (few) idiots getting fired or quitting, with some outlets and reporters blatantly misrepresenting reports.

Early surveys showed that "half of unvaccinated workers [said] they will leave their jobs if they're forced to get the Covid-19 shot," but most reports this week show that 96-99% of US workers facing the mandate have complied.

CNBC blared that nearly 600 United Airlines employees are getting fired for noncompliance, noting down the line that this number means 96% of the 67,000 workforce is fully vaccinated.

Washington Post headlined that "North Carolina hospital system Novant Health fires 175 unvaccinated employees refusing covid shot" while burying deep in its article that this is less than 1% of the system's employees: "More than 99 percent of the system's roughly 35,000 employees have followed the mandatory vaccination program."

Bizarrely, San Francisco has the (so far) highest rate of holdouts; around 10% of employees at police departments, hospitals and school districts.

The Nonsensical Loophole in Biden's Vaccine Mandate:

As written into the mandate, tests are still being cast in an understudy role that they were never meant to play. "It's an unacceptable alternative," Jennifer Nuzzo, an epidemiologist and senior scholar at the Johns Hopkins Center for Health Security, told me. Tests can't be swapped in for vaccines for the same reasons a smoke detector can't sub in for fireproofing, a car speedometer can't replace a seat belt, and a weather report can't take the place of an umbrella. Noticing the problem isn't the same as blocking it. (The White House did not respond to repeated requests for comment.)

Previously, previously, previously, previously, previously.

1 Comment
Tags: , , ,

  • Previously