Let's Encrypt has been working normally for most of the day. There was a ~90 minute period during which some of our users would have received a higher error rate due to upstream networking issues, but the majority of requests were successful even during that period.

It seems our status.io notes are being misinterpreted as much more severe than they were intended to reflect.

Edit: Note that this was written in response to a previous submission title implying that Let's Encrypt was entirely down most of the day.

▲

widdakay 2 days ago | parent [-]

I'm not sure if your higher error rate is sticky per user or something, but I've tried 10+ times throughout the day and have had 0 successes. They all come back as internal server error. That's why I eventually posted.

▲

jaas 2 days ago | parent | next [-]

It would not have been sticky for the entire day. If it was sticky at all, it would have been only during the 90 minute period I referenced. It's most likely that there is some other issue with how you're requesting the cert. Folks can help debug at: https://community.letsencrypt.org/

▲

widdakay 2 days ago | parent | next [-]

I ran the exact same command now and it's working, so it is possible I was unlucky and was hitting all the worst possible cases.

▲

sgt 2 days ago | parent | prev | next [-]

Could it be that he was simply throttled while retrying? That seems plausible, and it would make it seem like a long outage.

▲

widdakay 2 days ago | parent | prev [-]

I updated the post title to say (Fixed) now.

▲

jaas 2 days ago | parent [-]

Since Let's Encrypt wasn't down most of the day if would be helpful if you could update the title to reflect that.

▲

widdakay 2 days ago | parent [-]

I updated the title. Let me know if you think it's more accurate. It did appear as down for me though.

▲

jaas 2 days ago | parent [-]

Yeah, thanks

▲

widdakay 2 days ago | parent [-]

I did not intend this to hit the top of the front page lol. I just posted it and then came back 15 minutes later to it having exploded.

▲

jaas 2 days ago | parent [-]

No worries

▲

taspeotis 2 days ago | parent [-]

Thanks for securing the web

▲

sam_lowry_ 2 days ago | parent [-]

Thank them for making the web depend on a single US-based shady org, as if DNS was not enough.

▲

cpach 2 days ago | parent [-]

Feel free to launch your own CA.

▲

sam_lowry_ 2 days ago | parent [-]

No-no, I would rather go back to the good old HTTP/1.1.

P.S. JS injection into TCP packets and other meddling with passthrough data should be banned legally, not technically via encryption.

▲

soco 2 days ago | parent [-]

I wish you good luck in court trying to get compensation for the damage you've got through a JS injection attack. Because people prefer to lock their valuables instead of constantly having to identify and sue thieves.

▲

sam_lowry_ 2 days ago | parent [-]

Not court, regulation. Wanna be a carrier? Then don't meddle with traffic. Otherwise, you are liable for all the child porn and drug trade that happen to cross your boundary.

▲

Natfan 2 days ago | parent | next [-]

am i a carrier when i host my own wifi network?

▲

soco 2 days ago | parent | prev [-]

Right, we actually agree on this. And where is regulation enforced? In courts. Who says the provider is liable? A court. This was my point: not locking your house means a lot of processing to get back to the place where you have been before - if it can ever happen. And I'd very much not go through a whole trial...

	▲	sam_lowry_ 2 days ago \| parent [-]
		Regulation is enforced in courts only in the US, heh.

▲

teekert 2 days ago | parent | prev [-]

Why are you trying? Doesn’t Caddy (or something) just takes care of this well in advance and should have no issues with one or several days of my service at all at any time?

Edit: my bad. I’ve tried as well recently, when you’re rushing to get your new domain up of course…