public inbox for [email protected]
help / color / mirror / Atom feedFrom: Andrew Dunstan <[email protected]>
To: [email protected]
Subject: Fwd: Heads up about TLS certificates
Date: Tue, 23 Jul 2024 11:05:54 -0400
Message-ID: <[email protected]> (raw)
In-Reply-To: <CABUevEzfLr7CoOXi_n=Q9ufyP-huy0-U-Lz_B=24zmyns_uZEg@mail.gmail.com>
References: <CABUevEzfLr7CoOXi_n=Q9ufyP-huy0-U-Lz_B=24zmyns_uZEg@mail.gmail.com>
-------- Forwarded Message --------
Subject: Heads up about TLS certificates
Date: Tue, 23 Jul 2024 16:49:52 +0200
From: Magnus Hagander <[email protected]>
To: [email protected]
CC: sysadmins <[email protected]>
Hello!
Here's a heads-up that LetsEncrypt are discontinuing the "alternative
chain" they put in place back in 2021 for backwards compatibility with
older clients. That means that at the next refresh of the TLS
certificates for the buildfarm server, it will be automatically updated
to their new issuer certificates (and in fact to an updated intermediate
cert as well).
As they have discontinued the old compatibility ones, there is not much
we can do about it. Hopefully all buildfarm clients are enough up to
date to work out of the box with the new chain, in which case nothing
needs to be done.
The same certificate shift will happen on git.postgresql.org
<http://git.postgresql.org; that also has the compatibility chain today
specifically for really old buildfarm animals.
LE article: https://letsencrypt.org/2024/04/12/changes-to-issuance-chains
We expect this shift to happen in the next couple of days or week
(there's some dynamicness to it, so we don't know exactly when)
So, please keep an eye out. And if your animal does fail to communicate
after this date, please reach out to us at [email protected] and
we'll see if we can help you figure out how to get things back up!
//Magnus
--
Andrew Dunstan
EDB:https://www.enterprisedb.com
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected]
Subject: Re: Fwd: Heads up about TLS certificates
In-Reply-To: <[email protected]>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox