docs.rs: Expired certificate on doc.rs
Since a few minutes doc.rs is not accessible using a secure browser:
docs.rs uses an invalid security certificate.
The certificate expired on 3 July 2018, 09:20. The current time is 3 July 2018, 09:28.
Error code: SEC_ERROR_EXPIRED_CERTIFICATE
About this issue
- Original URL
- State: closed
- Created 6 years ago
- Reactions: 23
- Comments: 17 (3 by maintainers)
Certificate is renewed now, I actually wrote acme-client for docs.rs, so I can automate this process but never had enough time to integrate this to docs.rs. I’ll just add a cron job now.
For a workaround, use Internet Explorer if you are on Windows. It allows you to still load the page, even though there is a certificate error.
I never expected the day where I’d say “this website works better using Internet Explorer” but oh well, here we are…
To all those who are asking docs.rs to be an official thing: Onur is on the rustdoc team now, and the plan is to do just that. We haven’t had the opportunity to loop more people into the project yet.
@onur First of all, thank you for providing such a nice service to the entire Rust community! ❤️ Since your time as a volunteer is valuable, we understand that you want as little hassle as possible from infrastructure-problems like this.
Currently, the least amount of hassle you can have for SSL certs is by using LetsEncrypt: a free, automated certificate provider, supported, among others by, Mozilla;
Set it up once, add a cronjob, and never worry about it again! Detailed instructions for
nginxare on the nginx blog: https://www.nginx.com/blog/using-free-ssltls-certificates-from-lets-encrypt-with-nginx/Hopefully, this one-time hassle now will make your service better, and allow you to work on things you enjoy, instead of doing boring, stressfull, manual cert renewals. ❤️
Just my opinion: I agree with @hellow554 that doc.rs is a critical infrastructure and it should probably not happen but the real problem behind that is it looks like doc.rs is baked only by @onur whereas it has became a critical rust infrastructure.
Shouldn’t doc.rs be maintained by the @rust-lang org?
@hellow554 “not acceptable” is the kind of wording that makes volunteers give up. Better lobby the core team or Mozilla to maintain this service (which I agree is crucial by now).
There is a ton of clients but please. This behavoir (if you really do this manually) <strike>is not acceptable for such a crucial infrastructure.</strike> needs improvement.
I’m sorry for my harsh words. 😦
Not the first time this happens: #9 #78 #106 . It seems that docs.rs certificates are managed manually.
There are automated tools for this, like certbot.
Oh wow! For a second I thought you wrote it just now, but I see from the commit log that it goes back a longer while. Nice tool!
Kudos on automating the renewal for docs.rs! (You have my sympathy as an admin who also had his certs expire on him)
Moving
docs.rsto the rust-lang organization does not magically solve any problems. If we would just do it right now, @onur would still be the only person maintaining and hosting the site, and we would still have this exact same problem.Reading through your comments, the root of your complaint is that “rust-lang should be doing more to offer documentation for the crates on crates.io in a reliable way”. This is fair, but my point is that you should be directing this complaint at the rust-lang organization itself via its official channels (internals, crates.io, etc.) instead of just focusing them at @onur here.
Until this day I thought that https://docs.rs is the offical (as in maintained by the rust team) page for docs 😮 I never thought about it before.
Or if you don’t like this tool, there are small ones like https://github.com/diafygi/acme-tiny, too. 😃 I use it to automate my certificates.
Copying my comment from Reddit:
I think if you’re using HSTS, you should make sure your certificate stays up to date. Otherwise, people will start posting work-arounds, thus diminishing the positive effect of HSTS.