rails-assets.org has an invalid/expired letsencrypt cert (2021

[zswanson]

Your site letsencrypt cert appears to have expired this morning. We're getting errors from rails builds pulling from the site complaining of invalid TLS.

sh-4.2$ cat DST-Root-CA-X3.pem | openssl x509 -noout -enddate notAfter=Sep 30 14:01:15 2021 GMT

[hut8]

[hut8]

What IP address does rails-assets.org resolve to on your machine that's getting errors? Might be connecting to a failover server; I need to make sure that server has an updated cert as well.

[hut8]

@joshjordan check this out: https://docs.digitalocean.com/products/accounts/security/certificates/

[zswanson]

We've managed to get a patch in for the CA certificates from redhat that resolves this on the client side, but that Let's Encrypt intermediate will still cause issues for older systems.

On Thu, Sep 30, 2021 at 6:58 PM Liam @.***> wrote:

@joshjordan https://github.com/joshjordan check this out: https://docs.digitalocean.com/products/accounts/security/certificates/

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/tenex/rails-assets/issues/477#issuecomment-931759635, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAJWY6WH76BEQR5JCHFSGW3UETTTFANCNFSM5FDCJEKQ .

[m-an]

For anyone having an emergency deployment like me, I found using http://insecure.rails-assets.org/ to be a temporary solution.

Just don't forget to change it back when the certificate issue is resolved!

[SuperTux88]

@zswanson and @m-an: There is nothing rails-assets can do about this (at least this time it isn't rails-assets fault, their cert is just fine), but you need to update your systems if you have problems accessing it.

[kknd113]

For anyone on AWS: https://aws.amazon.com/premiumsupport/knowledge-center/ec2-expired-certificate/

[shelmire]

@kknd113 Thanks!