ygrek
commented
4 years ago I believe the proper place to report is https://lists.nongnu.org/archive/html/sks-devel/ Can you share more details - which url has expired certificated?
Closed bsmith75 closed 4 years ago
ygrek
commented
4 years ago I believe the proper place to report is https://lists.nongnu.org/archive/html/sks-devel/ Can you share more details - which url has expired certificated?
bsmith75
commented
4 years ago According to this, the certificates for all servers in the pool are expired by now.
fleish
commented
4 years ago https://www.theregister.com/2020/06/24/openpgp_key_server/
Rumors of the pool's demise have been greatly (OK, somewhat) exaggerated.
My SSL certificate for the pool was renewed & re-installed on June 25th to return it to the hkps pool. During the time it was expired, it was not published as in DNS as an IP address for hkps.pool.sks-keyservers.net and requests directed to that DNS CNAME should have been serviced by the other servers remaining in the pool with valid SSL certificates. If you are still having issues, you may want to do some debugging to find out the actual reason why.
I'm not sure if it's a typo in the issue title, but you should not be trying to make SSL/HTTPS/HKPS connections to pool.sks-keyservers.net as those servers do not have proper certificates for that hostname by design. The only SKS pool that supports SSL/HTTPS/HKPS is hkps.pool.sks-keyservers.net. More information can be found here: https://sks-keyservers.net/overview-of-pools.php
ygrek
commented
4 years ago Closing for lack of details
After reading the following post in the EndeavourOS forum, I did some investigating and found that the issue is an expired certificate.
https://forum.endeavouros.com/t/are-the-key-servers-down-for-anyone-else/6271