Closed xry111 closed 10 months ago
$ gnutls-cli blog.xen0n.name Processed 165 CA certificate(s). Resolving 'blog.xen0n.name:443'... Connecting to '240e:bf:b800:900::242a:4b29:443'... - Certificate type: X.509 - Got a certificate list of 3 certificates. - Certificate[0] info: - subject `CN=*.xen0n.name', issuer `CN=R3,O=Let's Encrypt,C=US', serial 0x04872205de5f1450f3f86a9753342e6a3ce7, RSA key 2048 bits, signed using RSA-SHA256, activated `2023-08-31 18:08:51 UTC', expires `2023-11-29 18:08:50 UTC', pin-sha256="nDtqyFeKN/N1r9rxOp8x8iWdBzzQGbo7fHwTCX5QM2U=" Public Key ID: sha1:205d40f4f852dd38f5e4ef22b9e088572b93ae70 sha256:9c3b6ac8578a37f375afdaf13a9f31f2259d073cd019ba3b7c7c13097e503365 Public Key PIN: pin-sha256:nDtqyFeKN/N1r9rxOp8x8iWdBzzQGbo7fHwTCX5QM2U= - Certificate[1] info: - subject `CN=R3,O=Let's Encrypt,C=US', issuer `CN=ISRG Root X1,O=Internet Security Research Group,C=US', serial 0x00912b084acf0c18a753f6d62e25a75f5a, RSA key 2048 bits, signed using RSA-SHA256, activated `2020-09-04 00:00:00 UTC', expires `2025-09-15 16:00:00 UTC', pin-sha256="jQJTbIh0grw0/1TkHSumWb+Fs0Ggogr621gT3PvPKG0=" - Certificate[2] info: - subject `CN=ISRG Root X1,O=Internet Security Research Group,C=US', issuer `CN=DST Root CA X3,O=Digital Signature Trust Co.', serial 0x4001772137d4e942b8ee76aa3c640ab7, RSA key 4096 bits, signed using RSA-SHA256, activated `2021-01-20 19:14:03 UTC', expires `2024-09-30 18:14:03 UTC', pin-sha256="C5+lpZ7tcVwmwQIMcRtPbsQtWLABXhQzejna0wHFr8M=" - Status: The certificate is NOT trusted. The certificate chain uses expired certificate. *** PKI verification of server certificate failed... *** Fatal error: Error in the certificate.
I have to test-drive my new CDN automation in the live environment, give me some time...
The automation is deployed and confirmed working.
Closing, thanks for reporting!