In Blocking old cert-manager versions it is mentioned that Lets Encrypt will be blocking non-current versions of cert-manager after 3 months of a new version release. Has this been happening or is there a plan to implement this? Is the block-list available?
We currently block all versions below 0.8.0. We haven’t yet blocked 0.8.0 or any higher versions. In part this is because 0.8.0 and above have been less problematic than previous versions (though they’re still not completely problem-free). And in part because sending the advance notices to subscribers on about-to-be-blocked versions was quite time consuming.
We haven’t completely ruled out blocking v0.8.0 and others once they are significantly out of date. We’ll make that decision based on the prevalence of excessive traffic bugs, and we’ll give advance notice to subscribers who are still using the old versions.
For individual IP addresses that start displaying excessive traffic bugs, we may block the IP address without advance notice.
All that said, I strongly encourage you to always stay on the latest version of cert-manager, since they’ve been fixing a lot of bugs and improving things in myriad ways.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.