PHP Servers SSL Certificate Expiry

10 months ago by Derick Rethans — view source

unread

Hi All,

We're aware that this has happened. The process that we set-up a three
months ago with Let's Encrypt was not fully implemented.

There is no need to report this again, and I will update these lists
when it is addressed.

It does not affect www.php.net, but it does affect:

pecl.php.net
pear.php.net
talks.php.net
master.php.net (which effects many other integrations as well)
bugs.php.net
and likely others.

cheers,
Derick

10 months ago by Derick Rethans — view source

unread

Dear All,

pecl.php.net now has a valid SSL/TLS certificate again. And it turns out
that pear.php.net was not affected.

The other services do not have an updated certificate yet, but this
should be rolled out in the next few days.

with kind regards,
Derick Rethans

Hi All,

We're aware that this has happened. The process that we set-up a three
months ago with Let's Encrypt was not fully implemented.

There is no need to report this again, and I will update these lists
when it is addressed.

It does not affect www.php.net, but it does affect:

pecl.php.net
pear.php.net
talks.php.net
master.php.net (which effects many other integrations as well)
bugs.php.net
and likely others.

cheers,
Derick

--
https://derickrethans.nl | https://xdebug.org | https://dram.io

Author of Xdebug. Like it? Consider supporting me: https://xdebug.org/support
Host of PHP Internals News: https://phpinternals.news

mastodon: @derickr@phpc.social @xdebug@phpc.social
twitter: @derickr and @xdebug

10 months ago by tag Knife — view source

unread

Hi Derick,

Is there any reason why PHP does not use an automated certificate renewal
for lets encrypt?
Such as EFF-ACME-Certbot? [https://certbot.eff.org/]

Dear All,

pecl.php.net now has a valid SSL/TLS certificate again. And it turns out
that pear.php.net was not affected.

The other services do not have an updated certificate yet, but this
should be rolled out in the next few days.

with kind regards,
Derick Rethans

Hi All,

We're aware that this has happened. The process that we set-up a three
months ago with Let's Encrypt was not fully implemented.

There is no need to report this again, and I will update these lists
when it is addressed.

It does not affect www.php.net, but it does affect:

pecl.php.net
pear.php.net
talks.php.net
master.php.net (which effects many other integrations as well)
bugs.php.net
and likely others.

cheers,
Derick

--
https://derickrethans.nl | https://xdebug.org | https://dram.io

Author of Xdebug. Like it? Consider supporting me:
https://xdebug.org/support
Host of PHP Internals News: https://phpinternals.news

mastodon: @derickr@phpc.social @xdebug@phpc.social
twitter: @derickr and @xdebug

--

To unsubscribe, visit: https://www.php.net/unsub.php

10 months ago by Derick Rethans — view source

unread

Hi Derick,

Is there any reason why PHP does not use an automated certificate renewal
for lets encrypt?
Such as EFF-ACME-Certbot? [https://certbot.eff.org/]

We do, but we need to coordinate the same cert onto multiple servers, which is the process that isn't set up correctly yet.

cheers
Derick

Dear All,

pecl.php.net now has a valid SSL/TLS certificate again. And it turns out
that pear.php.net was not affected.

The other services do not have an updated certificate yet, but this
should be rolled out in the next few days.

with kind regards,
Derick Rethans

Hi All,

We're aware that this has happened. The process that we set-up a three
months ago with Let's Encrypt was not fully implemented.

There is no need to report this again, and I will update these lists
when it is addressed.

It does not affect www.php.net, but it does affect:

pecl.php.net
pear.php.net
talks.php.net
master.php.net (which effects many other integrations as well)
bugs.php.net
and likely others.

cheers,
Derick

--
https://derickrethans.nl | https://xdebug.org | https://dram.io

Author of Xdebug. Like it? Consider supporting me:
https://xdebug.org/support
Host of PHP Internals News: https://phpinternals.news

mastodon: @derickr@phpc.social @xdebug@phpc.social
twitter: @derickr and @xdebug

--

To unsubscribe, visit: https://www.php.net/unsub.php

10 months ago by Derick Rethans — view source

unread

Hi,

I (and Rasmus) have now updated TLS certificates on all the servers that
I am aware off (and have access to). They are now automated with Let's
Encrypt. I also have a todo item every month to check whether the certs
actually renewed.

If there are currently still *.php.net sites that have HTTPS errors,
please do let me know.

cheers,
Derick

Hi All,

We're aware that this has happened. The process that we set-up a three
months ago with Let's Encrypt was not fully implemented.

There is no need to report this again, and I will update these lists
when it is addressed.

It does not affect www.php.net, but it does affect:

pecl.php.net
pear.php.net
talks.php.net
master.php.net (which effects many other integrations as well)
bugs.php.net
and likely others.

cheers,
Derick

--
https://derickrethans.nl | https://xdebug.org | https://dram.io

Author of Xdebug. Like it? Consider supporting me: https://xdebug.org/support
Host of PHP Internals News: https://phpinternals.news

mastodon: @derickr@phpc.social @xdebug@phpc.social
twitter: @derickr and @xdebug

10 months ago by BohwaZ — view source

unread

Hi Derick,

I've had the same kind of issue as you. So I set up a script that will
check every day if the certificate for my domains expires in more than
30 days and sends me a SMS if the check fails.

Here is the code of the certificate check part, if that may be useful:
https://gist.github.com/bohwaz/a3e4eb91e82f12768b69f8d24cf0cca8

Have a nice day :)