Getting a 503 while downloading certbot-auto

Attempting to download currently returns the following error:

Error 503 certificate has expired
certificate has expired

Guru Mediation:
Details: cache-jfk8122-JFK 1534905303 3520469420

Varnish cache server
1 Like

Let’s ping a staff to help

@lestaff fastly report that has error 503… Is there way to resolve it?


I don’t think that Let’s Encrypt/ISRG staff can fix it since it’s a different organization. Maybe @schoen or @bmw ?

This happened last year as well, Certbot isn’t dogfooding :confused: ?

Looks fixed now - fast as lightning :slight_smile: !

I’ve pinged EFF’s operations team about this. It should be fixed soon.

In the meantime, you can use these URLs:

certbot-auto PGP signature


503 is back…

Error 503 certificate has expired

certificate has expired

Guru Mediation:

Details: cache-lcy19233-LCY 1534929907 2105284685

any updates?
Is someone working on it?

Anyone can help?I also got this problem!503 certificate has expired.

@stevenm, @fane89, @keithp : I suspect this error is regional in nature and perhaps only a small number of Fastly’s edge servers are using an expired certificate. I’m not able to reproduce from my own network perspective. Could the folks still affected please visit and share the textblock results? I think this will be valuable debug information for @bmw to pass along to the EFF admins/Fastly support.

Edit: Whoops! I think I jumped to the wrong conclusion. This 503 is about the origin certificate expiring and doesn’t involve the certificate at the fastly edge at all. Time for more :coffee:

| Debug

Please submit text block below with your ticket to Fastly


Client IP Info
AS Name AS3215, FR
AS Number 3215
City paris
Continent EU
Country france
State IDF
Resolver IP Info
AS Name AS3215, FR
AS Number 3215
Country Code FR
Server Connection Info
Datacenter CDG
BW to server 117.66mbps
Congestion Window 97
Next Hop
RTT 4.084ms
Delta Retransmits 0
Total Retransmits 0
POP Latency (ms)
LHR 11
LCY 15
MAD 21
FRA 16
HHN 18
AMS 24
BMA 38
JFK 77
HKG 269
Request Info
Time Wed Aug 22 2018 16:26:50 GMT+0200 (Central European Summer Time)
Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8
User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36
Accept-Language en-GB,en-US;q=0.9,en;q=0.8
Accept-Encoding gzip

1 Like

Thanks @tdelmas.

I updated my comment. I sent folks on a wild goose chase with the debug info. I’m able to reproduce this reliably when I do it correctly. It seems like the origin still has an expired certificate and it has nothing to do with network perspective or Fastly’s environment.

Sorry folks!

1 Like

The issue has been resolved. Sorry for the trouble!


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.