Or that someone asked to renewed it, one of their four bosses didn't sign off the apropriate form, the only person to take that form to whoever does the certs is on a vacation, person issuing certs needs all four of his bosses to sign it off, and one of those bosses has been DOGE-ed and not yet replaced.
replyexpired letsencrypt cert on a raspberrypi at home smells of not paying attention... with governments, there are many, many points of failure.
The whole point of these shorter certificate durations is to force companies to put in automation that doesn't require 14 layers of paperwork. Some companies will be stubborn, and will thus be locked in an eternal cycle of renew->get paperwork started for renew. Most will adapt.
replyHumbly, I disagree with you. What better use of our tax dollars than to automate away as many problems as we can?
replyIt did until it got so short that it created a new potential attack surface — the scripts everyone is using to auto update them.
replyCompared to the manual processes these scripts replaced, I'd put more trust in the automations.
replyAnd the original article shows you how that is going
reply