Did you see the last part of the screenshot? It also says:
E:Therepository'https://download.webmin.com/download/repository sarge Release'nolongerhasaReleasefile.N:Updatingfromsucharepositorycan't be done securely, and is therefore disabled by default.N:Seeapt-secure(8)manpageforrepositorycreationanduserconfigurationdetails.
When I run sudo apt install ca-certificates I get:
Also, this happened for 2 different users on 2 different computers - what are the odds that the ca-certificates package suddenly breaks simultaneously for both??? And it was working a couple of days ago, so something must have happened in the last few days I think.
Last edit: Artur Meinild 2020-09-09
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I created an issue on the GitHub and have verified the certificate has indeed expired with more information on the issue there. It's not a browser cache or time sync issue. Hopefully they'll have it sorted out soon.
Validity ----------------------------
Not Before 6/11/2020, 7:56:09 AM (Central European Summer Time)
Not After 9/9/2020, 7:56:09 AM (Central European Summer Time)
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
when i saw the post earlier today (ilia's first response) i checked the link and the cert was ok, having been renewed 'today' so thought his ca-certificates advice was good
it now appears to have expired.
Is this a dateline issue ?
Perhaps the renew period should be set to 2 months just in case ?
Last edit: rj elleray 2020-09-09
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
The certificate expired at exactly 2020-09-09 05:56:09 UTC (a little over 12 hours ago). Certificates have a UTC expiration so it is the same for everyone and does not vary by location or time zone.
Additionally, Let's Encrypt has a fixed length of time for which their SSL certificates are valid. It's a free service, but does require the host to request a renewed certificate periodically. If the host fails to update its certificate for any reason, events like today are what happens.
For anyone interrested in learning more about the free certificate service Let's Encrypt offers, see here: https://letsencrypt.org/. The only way to get a certificate that lasts longer is to purchase one.
Last edit: Craig Scheets 2020-09-09
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
swicthing from opera to firefox shows the cert is ok
'expires08 November 2020'
Not Before
10/08/2020, 07:01:47 (British Summer Time)
Not After
08/11/2020, 06:01:47 (British Summer Time)
DNS Name
download.webmin.com
same pc within 10 mins opera actively used today versus new firewox session ??
craig so it was renewed in august !
Last edit: rj elleray 2020-09-09
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
You have certificate error on one of your Repo mirrors - again (IP: 104.207.151.13). It expired yesterday on november 8th.
Why don't you have a script that updates the certificates automatically?
Last edit: Artur Meinild 2020-11-09
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Err:7https://download.webmin.com/download/repositorysargeReleaseCertificateverificationfailed:ThecertificateisNOTtrusted.Thecertificateissuerisunknown.Couldnothandshake:Errorinthecertificateverification.[IP:104.207.151.13443]Readingpackagelists...DoneE:Therepository'https://download.webmin.com/download/repository sarge Release'nolongerhasaReleasefile.N:Updatingfromsucharepositorycan't be done securely, and is therefore disabled by default.N:Seeapt-secure(8)manpageforrepositorycreationanduserconfigurationdetails.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
As of today, we get the following error when doing
sudo apt update:So what happened here? Also see attached image.
Thanks.
This is a common error when
ca-certificatespackage is missing or corrupt.Try installing or reinstalling it.
Did you see the last part of the screenshot? It also says:
When I run
sudo apt install ca-certificatesI get:Also, this happened for 2 different users on 2 different computers - what are the odds that the ca-certificates package suddenly breaks simultaneously for both??? And it was working a couple of days ago, so something must have happened in the last few days I think.
Last edit: Artur Meinild 2020-09-09
The Lets encrypt certificate has run out
Last edit: wiesi.at 2020-09-09
Perhaps it's a browser's cache issue? Can you try some other browser and see if you're getting the same issue?
Is the time set on the machine in sync, by the way?
I created an issue on the GitHub and have verified the certificate has indeed expired with more information on the issue there. It's not a browser cache or time sync issue. Hopefully they'll have it sorted out soon.
https://github.com/webmin/webmin/issues/1294
Missed that one =)
Same here:
Browsing to https://download.webmin.com/download/repository shows that the Lestencrypt certificate for "download.webmin.com domain" is expired.
Craig.
Brilliant proactive help :-)
d
Exactly ;-)
however everyone,
when i saw the post earlier today (ilia's first response) i checked the link and the cert was ok, having been renewed 'today' so thought his ca-certificates advice was good
it now appears to have expired.
Is this a dateline issue ?
Perhaps the renew period should be set to 2 months just in case ?
Last edit: rj elleray 2020-09-09
The certificate expired at exactly 2020-09-09 05:56:09 UTC (a little over 12 hours ago). Certificates have a UTC expiration so it is the same for everyone and does not vary by location or time zone.
Additionally, Let's Encrypt has a fixed length of time for which their SSL certificates are valid. It's a free service, but does require the host to request a renewed certificate periodically. If the host fails to update its certificate for any reason, events like today are what happens.
For anyone interrested in learning more about the free certificate service Let's Encrypt offers, see here: https://letsencrypt.org/. The only way to get a certificate that lasts longer is to purchase one.
Last edit: Craig Scheets 2020-09-09
Okay, thanks. It seems to be fixed now.
swicthing from opera to firefox shows the cert is ok
'expires08 November 2020'
Not Before
10/08/2020, 07:01:47 (British Summer Time)
Not After
08/11/2020, 06:01:47 (British Summer Time)
DNS Name
download.webmin.com
same pc within 10 mins opera actively used today versus new firewox session ??
craig so it was renewed in august !
Last edit: rj elleray 2020-09-09
Okay, please wait. There is one more mirror to sync with. We will fix it shortly..
mirror mirror in the cloud
how I wish you were what i looked at a minute ago...
Thanks - yes I still get the error on one machine - thanks for taking care!
Okay, this time it's fixed.
You have certificate error on one of your Repo mirrors - again (IP: 104.207.151.13). It expired yesterday on november 8th.
Why don't you have a script that updates the certificates automatically?
Last edit: Artur Meinild 2020-11-09
We do. We checked it yesterday and something was wrong. Which particular URL fails at the moment?
Okay, I see that 104.207.151.13 still fails. Darn it.
Sorry about that.
It's ok - just wanted to point out. Hope you can get it all to work. Thanks. :-)
This seems to be failing on 104.207.151.13 again