[SR-Users] Let's Encrypt DST Root CA X3 cert CA expiration 30th/Sept - Any issues?
Matthias Wimmer
m at tthias.eu
Sat Oct 9 13:15:49 CEST 2021
Here we had problems with clients using an Auerswald PBX showing the
following error message:
503: Certificate Validation Failure
SSL-Error 10: certificate has expired, depth=3 /O=Digital Signature
Trust Co./CN=DST Root CA X3 )
Regards,
Matthias
On 08.10.21 19:49, Sergiu Pojoga wrote:
> Like our comrades at APIBAN. Had to patch the CA list on older linux
> distros to get this restarted.
>
> Oct 8 10:20:21 kamailio[8476]: WARNING: http_client
> [functions.c:308]: curL_request_url(): TLS server certificate
> validation error (No valid CA cert) (url: https://apiban.org/api/..
> <https://apiban.org/api/..>.)
>
> @Fred, all good out there bud? lol
>
> On Fri, Oct 8, 2021 at 12:30 PM Maxim Sobolev <sobomax at sippysoft.com
> <mailto:sobomax at sippysoft.com>> wrote:
>
> Some of our internal API have started to fail and most of software
> update routines jammed up as a result until we figured out how to
> cope with that issue.
>
> Not the first one and certainly not the last. In general PKI/TLS
> is by design prone to issues like this and I am sad industry has
> not come up with anything better yet to communicate over insecure
> channels. :( Noise protocol certainly holds lots of potential in
> my view but mills of IETF mill slowly, so we are going to be
> suffering for many years to come I am afraid.
>
> -Max
>
>
> On Fri., Oct. 8, 2021, 8:23 a.m. Henning Westerholt,
> <hw at skalatan.de <mailto:hw at skalatan.de>> wrote:
>
> Hello,
>
> in total we had three customer incidents (two server related,
> one client related) because of this, one of them was a major
> incident.
>
> Cheers,
>
> Henning
>
> --
>
> Henning Westerholt – https://skalatan.de/blog/
> <https://skalatan.de/blog/>
>
> Kamailio services – https://gilawa.com <https://gilawa.com/>
>
> *From:* sr-users <sr-users-bounces at lists.kamailio.org
> <mailto:sr-users-bounces at lists.kamailio.org>> *On Behalf Of
> *Joel Serrano
> *Sent:* Friday, October 1, 2021 9:05 PM
> *To:* Kamailio (SER) - Users Mailing List
> <sr-users at lists.kamailio.org <mailto:sr-users at lists.kamailio.org>>
> *Subject:* [SR-Users] Let's Encrypt DST Root CA X3 cert CA
> expiration 30th/Sept - Any issues?
>
> Hello,
>
> I'm wondering if anyone had any issues yesterday with the
> expiration of the DST Root CA X3 cert?
>
> Out of all the servers I manage, only a couple were affected
> (debian 8). They were production servers so we replaced the
> cert with a different one to solve the issue while we find the
> root cause.
>
> Anyone out there had any issues yesterday because of this? I'm
> just curious!
>
> Joel.
>
> __________________________________________________________
> Kamailio - Users Mailing List - Non Commercial Discussions
> * sr-users at lists.kamailio.org
> <mailto:sr-users at lists.kamailio.org>
> Important: keep the mailing list in the recipients, do not
> reply only to the sender!
> Edit mailing list options or unsubscribe:
> *
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
> <https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users>
>
> __________________________________________________________
> Kamailio - Users Mailing List - Non Commercial Discussions
> * sr-users at lists.kamailio.org <mailto:sr-users at lists.kamailio.org>
> Important: keep the mailing list in the recipients, do not reply
> only to the sender!
> Edit mailing list options or unsubscribe:
> * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
> <https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users>
>
>
> __________________________________________________________
> Kamailio - Users Mailing List - Non Commercial Discussions
> * sr-users at lists.kamailio.org
> Important: keep the mailing list in the recipients, do not reply only to the sender!
> Edit mailing list options or unsubscribe:
> * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20211009/22298fa5/attachment.htm>
More information about the sr-users
mailing list