Hello gophers, The Let’s Encrypt certificate authority is revoking all certificates issued with the TLS-ALPN-01 verification method before 00:48 UTC on 26 January 2022 due to a compliance issue. (Read more in the Let’s Encrypt announcement <https://community.letsencrypt.org/t/2022-01-25-issue-with-tls-alpn-01-validation-method/170450>.) As TLS-ALPN-01 is the preferred and default verification method used by golang.org/x/crypto/acme/autocert, most certificates managed by autocert will be revoked beginning at 16:00 UTC on 28 January 2022. This will cause connection errors on some platforms.
We recommend updating the golang.org/x/crypto module to version v0.0.0-20220126234351-aa10faf2a1f8 (or later), which will automatically renew potentially affected certificates issued before Let’s Encrypt deployed their fix. Alternatively, delete ALL files in the autocert cache EXCEPT "acme_account+key" or "acme_account.key", and restart the application. If using autocert.NewListener <https://pkg.go.dev/golang.org/x/crypto/acme/autocert#NewListener> on Linux, the cache is located at $XDG_CACHE_HOME/golang-autocert or $HOME/.cache/golang-autocert. In order to get notified of similar issues in the future, we recommend setting the Manager.Email <https://pkg.go.dev/golang.org/x/crypto/acme/autocert#Manager.Email> field. Cheers, Go Security team -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/golang-nuts/CADAOFNTGX-9hE9d6Wu8fQLgrZOe53QVcX-ehOXT8b9W52QmQPA%40mail.gmail.com.
