Textpattern CMS support forum
You are not logged in. Register | Login | Help
- Topics: Active | Unanswered
Pages: 1
Topic closed
Textpattern project sites TLS is changing from January 2021
This is no longer required. Please see this reply for more info.
Note: this message relates to the TLS (https) for the Textpattern project sites, including *.textpattern.com, textpattern.org, txpmag.com, textile-lang.com (not strictly Textpattern but we host it), textpattern.net and textpattern.io. Your own Textpattern sites may be affected by this change, but you should contact your web hosting org to confirm the status if you’re unsure.
We use Let’s Encrypt! for our TLS certificates. They are changing the way they deliver certificates from January 11 2021. The user-friendly information can be found here and some more detailed information can be found here (both links safe for work).
We intend to gradually switch our sites to the ISRG certificate from January 11 2021. According to our (IP anonymised) web server logs, the vast majority of site visitors are unaffected and will notice no difference. This thread will be updated with a timeline of events for each site’s TLS migration, starting with the sites that attract least traffic so you can test the new certificate in relative safety. The forum and main .com site will be the last to switch.
No action is required from you unless one or more of the following applies to you:
- you use Android < 7.1.1
- you use iOS < 9
Users with Android < 7.1.1 should use Firefox Mobile as this works around the certificate issue. Users with iOS…well, at the moment I don’t have a solution, but should something come to light I’ll certainly let you know.
If you have questions and / or concerns, please ask.
Thank you.
Last edited by gaekwad (2020-12-25 13:42:32)
Offline
Re: Textpattern project sites TLS is changing from January 2021
Working timeline (will be updated, dates may change if issues arise):
- December 28 2020 – force renew all TLS certificates using “DST Root CA X3” with 90-day lifespan (expires March 28 2021)
- January 11 2021 – Let’s Encrypt! start issuing certificates with “ISRG Root X1” as the default
- January 18 2021 – batch 1 of 4: ISRG TLS reissue for Textpattern network sites
- February 1 2021 – batch 2 of 4: ISRG TLS reissue for Textpattern network sites
- February 15 2021 – batch 3 of 4: ISRG TLS reissue for Textpattern network sites
- March 1 2021 – batch 4 of 4: ISRG TLS reissue for Textpattern network sites
Status updates will be posted in replies below.
Offline
Re: Textpattern project sites TLS is changing from January 2021
Some interesting developments in the last 24 hours or so, namely Extending Android Device Compatibility for Let’s Encrypt Certificates
tl;dr – everything is going to be alright until 2024, anyway
The pull quote is:
We will not be performing our previously-planned chain switch on January 11th, 2021. Instead, we will be switching to provide this new chain by default in late January or early February. The transition should have no impact on Let’s Encrypt subscribers, much like our switch to our R3 intermediate earlier this month.
So, yeah. I don’t need to change anything, and I will refocus on the server build overhaul instead. This brings plans forward quite well, and I can do various things in this off-peak holiday season, which is good.
I will unsticky the OP later today.
Offline
Re: Textpattern project sites TLS is changing from January 2021
Last November was another planet for me) So LEs are currently not supported by Android devices?
Yiannis
——————————
NeMe | hblack.art | EMAP | A Sea change | Toolkit of Care
I do my best editing after I click on the submit button.
Offline
Re: Textpattern project sites TLS is changing from January 2021
colak wrote #327853:
So LEs are currently not supported by Android devices?
Android is fine. There was potentially an issue that would have appeared next month that would have affected long-since abandoned Android versions, but that issue has now been averted.
Offline
Re: Textpattern project sites TLS is changing from January 2021
Got it! Thanks Pete
Yiannis
——————————
NeMe | hblack.art | EMAP | A Sea change | Toolkit of Care
I do my best editing after I click on the submit button.
Offline
Pages: 1
Topic closed