This is not the first time for me this end of year that an expired certificate blocks a nice surfing experience. Since Let’s Encrypt and certbot certificates should be renewed automagically, don’t they?
Yes, letsencrypt certificates are meant to renew automatically. Their site and twitter account do not indicate a general problem at the moment.
“Unfortunately” the bugtracker is configured for HTTP Strict Transport Security (HSTS) which means that Firefox doesn’t allow to ignore this certificate error. Chrome does.
Depends on how you requested it. Many programs used in managing web servers integrate with Let’s Encrypt nowadays to allow for automated renewals, but manually requesting a single certificate using the certbot client in a console is still well possible.
On my Windows 10 Pro the following browsers give a warning, but after another click happily offer to load the page anyway: Vivaldi (Chromium based), Edge and … Internet Explorer 11 … and Opera 12.17 .
Hi all, our IT team is working on fixing this situation.
At the moment, I don’t have an exact timeframe, however I will make sure to keep you updated as we go along.
FWIW; from what I heard it looks like the validation process (How It Works - Let's Encrypt) needs to be fixed on FP’s end after which it’ll renew automagically again.
Indeed, the recertification process needs to happen again. Our IT team has been notified, and are looking into fixing the issue. Still waiting to find out if it can be fixed today.