Dl.eff.org, a certificate has expired

neik1 · January 11, 2020, 1:44pm

curl "https://dl.eff.org/certbot-auto"

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
  <head>
    <title>503 certificate has expired</title>
  </head>
  <body>
    <h1>Error 503 certificate has expired</h1>
    <p>certificate has expired</p>
    <h3>Guru Mediation:</h3>
    <p>Details: cache-lon4269-LON 1578748724 3864572170</p>
    <hr>
    <p>Varnish cache server</p>
  </body>
</html>

Osiris · January 11, 2020, 2:00pm

Note: it’s not the certificate of the direct public endpoint of dl.eff.org, it’s some kind of internal certificate.

Kinda amateurish if you’d ask me

davidode · January 11, 2020, 4:01pm

Same error long time ago : Getting a 503 while downloading certbot-auto

Osiris · January 11, 2020, 4:08pm

Perhaps we should ping @bmw and @lestaff again.

May I suggest a long term solution and/or a better monitoring service?

mnordhoff · January 11, 2020, 4:12pm

I would encourage people to follow the normal instructions when possible, but as a temporary workaround, you can download certbot-auto from GitHub.

github.com

certbot/certbot/blob/master/certbot-auto

#!/bin/sh
#
# Download and run the latest release version of the Certbot client.
#
# NOTE: THIS SCRIPT IS AUTO-GENERATED AND SELF-UPDATING
#
# IF YOU WANT TO EDIT IT LOCALLY, *ALWAYS* RUN YOUR COPY WITH THE
# "--no-self-upgrade" FLAG
#
# IF YOU WANT TO SEND PULL REQUESTS, THE REAL SOURCE FOR THIS FILE IS
# letsencrypt-auto-source/letsencrypt-auto.template AND
# letsencrypt-auto-source/pieces/bootstrappers/*

set -e  # Work even if somebody does "sh thisscript.sh".

# Note: you can set XDG_DATA_HOME or VENV_PATH before running this script,
# if you want to change where the virtual environment will be installed

# HOME might not be defined when being run through something like systemd
if [ -z "$HOME" ]; then

This file has been truncated. show original

Depending on your OS, you could use one of the other Certbot installation methods as well.

schoen · January 11, 2020, 8:16pm

It seems to be OK again now. (Thanks for the reports.)

Osiris · January 12, 2020, 12:45am

Any idea of a more permanent solution was enabled?

orangepizza · January 12, 2020, 12:57am

So automated certificate client didn’t automated their certificate?

neik1 · January 12, 2020, 9:19am

It worked for me now. Sadly I am automating an install on Centos 8 so I have to download the program from dl.eff.org. I don’t understand why it’s not in the standard repo this far into the 21st century.

system · February 11, 2020, 9:19am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.