View Issue Details

IDProjectCategoryView StatusLast Update
0001478Main CAcert Websitepublic2020-05-12 06:59
Reporterallefm Assigned Toegal  
PriorityimmediateSeverityblockReproducibilityhave not tried
Status closedResolutionfixed 
PlatformMain CAcert WebsiteOSN/AOS Versionstable
Summary0001478: not issuing new certificates
DescriptionWhen trying to renew old certificate or get a new certificate, https://www.cacert.org/account.php?id=12 shows pending status for more then 48 hours.


Steps To ReproduceTry to renew certificate or get a new certificate.
TagsNo tags attached.
Reviewed by
Test Instructions

Relationships

child of 0001479 closedegal On Palemoon, Seagate, and Firefox browsers page https://www.cacert.org fails 
child of 0001481 closedegal Main site cert expired on 2020-04-04 results in DLG_FLAGS_SEC_CERT_DATE_INVALID + strict transport security => site unavailable 

Activities

cache

2020-03-20 21:50

reporter   ~0005866

Any updates? Starting to look into openssl if this is will be down another week. Have multiple expired certs I cannot renew. Let me know if I should be watching another status page or if this is acknowledged elsewhere. Thanks!

ok

2020-03-21 12:23

reporter   ~0005867

Currently CACert web site is not working (error code SEC_ERROR_OCSP_OLD_RESPONSE), CRL is not updating, certificates can not be renewed. Please any one write something somewhere about the state and when it will probably be fixed, current silence is really a problem.

jandd

2020-03-21 13:30

administrator   ~0005868

I tried to contact the critical admin (unfortunately there is only one left) but received no response yet the issue is assigned to him.

@dastrath: if you read this please give a status update

Ted

2020-03-23 09:19

administrator   ~0005869

As reported on the support mailing list: It seems that the signing server is down. Since there is no network access to the signing server a visit to the hosting site is necessary. This is currently prevented by SARS2-Covid19 limitations

egal

2020-03-28 15:52

administrator   ~0005871

I'm aware of the issue, but (Ted wrote) there are some restrictions currently due to Cronona/Covid19.

As soon as there is no risk for CAcert and datacenter personal our top priority action will be to activate the signer again.

ccaceres

2020-04-01 16:41

reporter   ~0005872

Hi there

I have the same problem, I cannot renew certificates and generate new ones, which is affecting my systems.

regards

Cristian

allefm

2020-05-05 10:53

reporter   ~0005876

Update 2020-05-05: All pending certificates requests are processed now, new requests should now processed on the fly again.

egal

2020-05-12 06:58

administrator   ~0005878

Signer-hardware was replaced (see blogpost)

egal

2020-05-12 06:59

administrator   ~0005879

Signer hard hardware-issue, was replaced

Issue History

Date Modified Username Field Change
2020-03-12 07:41 allefm New Issue
2020-03-12 07:41 allefm Assigned To => jandd
2020-03-12 14:19 jandd Assigned To jandd => egal
2020-03-20 21:50 cache Note Added: 0005866
2020-03-21 12:23 ok Note Added: 0005867
2020-03-21 13:30 jandd Note Added: 0005868
2020-03-21 13:31 jandd Priority normal => immediate
2020-03-21 13:31 jandd Project Infrastructure => Main CAcert Website
2020-03-21 13:31 jandd Category general => General
2020-03-23 09:19 Ted Note Added: 0005869
2020-03-23 09:26 jandd Relationship added child of 0001479
2020-03-28 15:52 egal Note Added: 0005871
2020-04-01 16:41 ccaceres Note Added: 0005872
2020-04-08 17:50 jandd Relationship added child of 0001481
2020-05-05 10:53 allefm Category General =>
2020-05-05 10:53 allefm Note Added: 0005876
2020-05-12 06:58 egal Note Added: 0005878
2020-05-12 06:59 egal Status new => closed
2020-05-12 06:59 egal Resolution open => fixed
2020-05-12 06:59 egal Note Added: 0005879