Open rpb5bnc opened 5 years ago
achuchev
commented
5 years ago @rpb5bnc Thanks for the information. Just keep us posted about the maintenance.
You are mentioning "...and an updated version of libest...". Which version is that and what's new there?
gtbX
commented
5 years ago ETA? I was trying the instructions on the testrfc3070.com homepage, but it's responding with a "Invalid or corrupted pkcs10 request." error. I am assuming it's due to the expired certificate? (unless there's some CSR policy I'm unknowingly violating)
[Edit] I tried again, adding --insecure to the curl commands, and it seemed to run successfully.
riyee
commented
5 years ago How to solve the problem of the EST server cert has expired?
rpb5bnc
commented
5 years ago Hello,
Yes, sorry for the delay. Internal issues came up that we've had to focus on. We'll work on this in the next few days to get testrfc7030.com back up. Issue is that the cert comes from LetsEncrypt and they have deprecated the method used to by this server renew the cert, and migrating to the new process was not successful. We will attempt to resolve this very soon.
Sorry I missed the previous question about the new version of libest. The current version of libest here on Github is coded to OpenSSL 1.0.2. Support for OpenSSL 1.0.2 ends on 12/31/19. libest will be upgraded sometime soon with the necessary changes to allow it to build and run correctly with OpenSSL 1.1.1.
Regards,
riyee
commented
5 years ago Hello,
Thanks for your reply. It's very kind of you.Hope you can help me to solve this problem.
Regards
------------------ 原始邮件 ------------------ 发件人: "Pete Beal"notifications@github.com; 发送时间: 2019年4月26日(星期五) 晚上11:15 收件人: "cisco/libest"libest@noreply.github.com; 抄送: "zoo 、"18770918109@qq.com; "Comment"comment@noreply.github.com; 主题: Re: [cisco/libest] testrfc7030.com's cert will expire why we perfommaintenance on this server. (#68)
Hello,
Yes, sorry for the delay. Internal issues came up that we've had to focus on. We'll work on this in the next few days to get testrfc7030.com back up. Issue is that the cert comes from LetsEncrypt and they have deprecated the method used to by this server renew the cert, and migrating to the new process was not successful. We will attempt to resolve this very soon.
Sorry I missed the previous question about the new version of libest. The current version of libest here on Github is coded to OpenSSL 1.0.2. Support for OpenSSL 1.0.2 ends on 12/31/19. libest will be upgraded sometime soon with the necessary changes to allow it to build and run correctly with OpenSSL 1.1.1.
Regards,
— You are receiving this because you commented. Reply to this email directly, view it on GitHub, or mute the thread.
MQueiros
commented
5 years ago Hi @rpb5bnc,
I see you mentioned a future upgrade to OpenSSL-1.1.1. Do you have any idea how soon it's going to be available? I was trying to port it to OpenSSL-1.1.1 myself, but I'm getting some errors while trying to communicate between client/server. And I'm not particularly experienced in OpenSSL, so I think I'll just stop trying and wait for your implementation :)
Regards!
riyee
commented
5 years ago @rpb5bnc Sorry to bother you, but could you please tell me the progress of testrfc7030 update
NOTE: The EST server ports at testrfc7030.com need to be briefly disabled for maintenance. They are going offline starting on 3/14/19 and will be down for one week.
Let'sEncrypt changed it's methods for verifying host name ownership and this change needs to be made to this system. There will be a couple of other necessary changes that need to be made as well. Once these changes have been made, we'll bring these EST server ports back online with a new cert and an updated version of libest running these EST server ports.