Nest certificate issue


#1

Hi everyone.

Am I the only one to have an error with the nest certificate? It says the connection is not secure as the CA is unknown (Firefox Nightly).


#2

You’re definitely not the only one. I can reproduce this issue using Firefox, Chrome and curl. However I don’t know if it affects only the web-interface itself or also the pijul cli.


#3

AFAIK, pijul cli is fine from this matter.


#4

You’re definitely not the only one. The issue is, I moved the server from Hetzner to Google Cloud. The server is deployed using NixOps, which is super well tested for AWS and the low-tech Hetzner, but doesn’t quite work for the high-tech GCE and its ten daemons that monitor your instance.

The documentation of NixOS and NixOps doesn’t really help, as usual, so my instance kept crashing every night at around 4am, locking me out of SSH.

I realised after reinstalling it four times that it was trying to self-update, and disabled that, but it was too late: I had already hit Let’s Encrypt’s limit rates of five requests per week.

So, we have to wait until tomorrow to get a decent certificate. I’m sorry about that. As soon as I can make my own NixOps images, I’ll write PAGES of documentation.


#5

Thanks for the heads-up! Maybe we could try to have a status page for the nest and to update it as often as possible with that kind of notices. It would be very helpful.


#6

Btw, if the CLI can still download patches from HTTPS, that’s an extremely serious security flaw, which should be fixed as soon as possible.


#7

It cannot, but I just fixed the error message.


#8

This issue is now fixed!