Certbot-auto failed the md5sum comparison test

zwerfkat · May 6, 2020, 3:12pm

Hello,

Recently I got a message from my firewall saying: the md5sum comparison test FAILED for /usr/local/bin/certbot-auto. Does this file auto renew itself also, besides certificates?

By the way, I tried commando:
/usr/local/bin/certbot-auto --help
but it does not output anything. When I follow instructions to test integrity from here, I get the following error message:
gpg: requesting key CD9775F2 from hkp server pool.sks-keyservers.net
gpgkeys: HTTP fetch error 7: Failed to connect to 2001:ba8:1f1:f2d4::2: Network is unreachable
So I am getting a bit suspicious now. What is going on? Any hints/comments are appreciated!

_az · May 6, 2020, 10:43pm

Yes, unless you do --no-self-upgrade, it will constantly set off things like tripwire.

Keyservers are flaky, probably since the DoS exploit against them was discovered last year . If you eventually get through, it should validate the signature successfully. Tried it just now.

You could also try use keys.openpgp.org instead pool.sks-keyservers.net.

zwerfkat · May 7, 2020, 8:50am

Thanks for the reply! I finally managed to get through by using hkp://p80.pool.sks-keyservers.net:80, perhaps default port 11371 was blocked by my firewall:

gpg: Good signature from "Let's Encrypt Client Team <letsencrypt-client@eff.org>"

So everything seems to be okay, better safe then sorry!

system · June 6, 2020, 8:50am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.