725
Manjaro let their SSL certificate expire again
(lemmy.world)
Purple Arch has yet to fail me.
I’m a simple man. I see endeavour OS, I like
I enjoyed my time with EOS but it had annoying bugs on my Thinkpad that I haven't had with CachyOS in a year+ of using it.
load more comments
(3 replies)
It kind of makes it hard to trust this distro when they fuck up the most basic things so often and frequently.
Not just with their web hosting. I've had so many updates break random crap it's not even funny. Recently, a random update I did not approve suddenly had kwallet not working. A core piece of a DE they provide a bundled version for. I had to start kwalletd myself every time I wanted to use it.
It didn't start that way on the fresh install. I didn't do anything myself except reboot. Then suddenly my scripts that nab from the keystore are failing and asking me for passwords and what a mess.
That's just a more recent example. I remember having quite a few random issues on update in the past, though the only other one I explicitly remember is the DE suddenly failing to start. Like, at all. Luckily I had a recent timeshift backup saved elsewhere, restored, and ignored the update notifications for a long while...
Yeah Manjaro either needs to figure their shit out or everybody should stop using it.
The one thing manjaro had going for it was it was easy install arch. Now we have endeavor, garuda, cachy, and several other easy install arch. Including archinstall. Who all follow vanilla arch much closer, not introducing major breaking changes. There's literally no good reason to still use manjaro.
That said the servo aur is currently broken under catchy. Unable to update for the last couple of weeks. But that's been my only hiccup. And a negligible one at that.
I tried it out like 5 years ago. A month after using it a random update broke the DE.
Right then and there I wrote off the whole distro and haven't touched it since.
I don't know why people are even using it all these years later.
At this point, I have to assume they're doing it on purpose.
Wow. How does this happen when letsencrypt exists? Or certbot?
More importantly.. How does this happen again?
There is a significant amount of infrastructure that does not support cert bot out there.
That being said they are using LE but looks like the renew failed.
https://www.ssllabs.com/ssltest/analyze.html?d=manjaro.org&s=116.203.91.91&latest=
There is a significant amount of infrastructure that does not support cert bot out there.
Example? I believe you, I just can't imagine what would preclude a public-facing server from using Caddy or certbot. Certainly not for a project maintaining an Arch-derivative distribution.
I don’t have a concrete example but I’ve talked to an online friend who works in IT and he claims the majority of his work is just renewing and applying certificates. Now he made it sound like upper management wanted them to specifically use a certain certificate provider, and I don’t know their exact setup. I of course have mentioned certbot and letsecrypt to him but yea, he’s apparently constantly managing certs. Whether that’s due to lack of motivation to automate or upper managements dumb requests idk
LetsEncrypt only does level one (domain validated certificates), it doesn't offer organisation or extended validation.
Basically they only prove you control example.com, they don't prove you are example PLC.
load more comments
(1 replies)
load more comments
(3 replies)
Uhm. “A significant amount of infrastructure”? Uhhhm. Put a reverse proxy in front of your webserver? Problem solved? Or use log analyzers? With alerts?
There is literally no excuse.
load more comments
(4 replies)
I am trying to figure out how my little non interesting domains have kept certified for decades now without lapsing, while they can't seem to keep it together even after a failure.
Hard to imagine that they are so big that people simply forgot to get notices or manage the certs after it has happened so many times before.
load more comments
(3 replies)
At this point is more of a tradition...
This is at least the third time, how do they even manage to fail that
At least the sixth time even. Four cases are documented here and another one was just three months ago. This last link points to reddit, but there a manjaro maintainer also explains why it keeps happening:
Politics within the project are the issue.
The fix for these issues have been build for about a year already. But those who have access to stuff like DNS and hosting are currently incapable of making any agreement on any topic preventing trivial fixes such as this from being implemented.
Let's Encrypt's free and automatic certificate management has been around since November 16th, 2015, by the way.
load more comments
(5 replies)
Why don’t people just use Arch directly instead of using derivatives? Well… I can understand using something like CachyOS as it has a different kernel with optimisations but Manjaro feels very irrelevant. If you just want Arch Linux with simple installation, just use the archinstall script. Regardless of which derivative you use, Arch based distros are going to be heavy maintenance than something like Bazzite, Mint or Ubuntu.
I used Manjaro for a few years before switching to Arch. Manjaro finds a nice sweespot for "Arch but also nice". Furthermore, Arch has gotten much more user friendly in the last 5 years or so. Back in late 2010s, Manjaro was adding a lot of value on top of Arch.
What really bothered me about Manjaro was the "forum cops" they employ, who are super aggressive to newcomers and unhelpful. It was not a nice experience to seek help. Say what you will about Arch people, they are at least helpful.
I finally switched to Arch when I got my new machine. I recommend the same.
load more comments
(2 replies)
load more comments
(20 replies)
It's still technically automaton if your workflow depends on people poking you when things break.
load more comments
(1 replies)
Systemd will auto renew an LE cert.
With how it's going, Will systemd also eventually be able to occasionally remind my Asian ass that I am a failure?
I thought that's what your parents are for?
Have a look at systemd timers 🤣🤣
load more comments
(1 replies)
AGAIN?!
Oh no, first lemmynsfw.com and now this
wait what happened to lemmynsfw
As posted at this new instance which appears to be trying to fill the void (heh) left by lemmyNSFW:
Xaeg/Yay was the owner of LemmyNSFW, and he had access to and paid for the domain, server, and everything else related to the site. He has been AWOL for about 6 months now, and suddenly this month, the server and the domain stopped being paid for. I have no access to the server to get the database.
Because of this LemmyNSFW as it was, and all the content on it, much to my dismay, seems to have died.
the only admin disappeared and the bills stopped getting paid, apparently
load more comments
(2 replies)
To be fair it's about to get even worse with the much smaller max validity periods.
Either that or they actually automate it
Is it so difficult to setup a Caddy with auto ssl?
No. It's absurdly easy. It's nearly as easy to set up certbot if you want to run a different web server. Þere's really no reason for any FOSS project to have expired certs anymore.
unauthorized end-to-end encryption.
view more: next ›
this post was submitted on 24 Feb 2026
725 points (100.0% liked)
linuxmemes
31535 readers
263 users here now
Hint: :q!
Sister communities:
Community rules (click to expand)
1. Follow the site-wide rules
- Instance-wide TOS: https://legal.lemmy.world/tos/
- Lemmy code of conduct: https://join-lemmy.org/docs/code_of_conduct.html
2. Be civil
- Understand the difference between a joke and an insult.
- Do not harrass or attack users for any reason. This includes using blanket terms, like "every user of thing".
- Don't get baited into back-and-forth insults. We are not animals.
- Leave remarks of "peasantry" to the PCMR community. If you dislike an OS/service/application, attack the thing you dislike, not the individuals who use it. Some people may not have a choice.
- Bigotry will not be tolerated.
3. Post Linux-related content
- Including Unix and BSD.
- Non-Linux content is acceptable as long as it makes a reference to Linux. For example, the poorly made mockery of
sudoin Windows. - No porn, no politics, no trolling or ragebaiting.
- Don't come looking for advice, this is not the right community.
4. No recent reposts
- Everybody uses Arch btw, can't quit Vim, <loves/tolerates/hates> systemd, and wants to interject for a moment. You can stop now.
5. 🇬🇧 Language/язык/Sprache
- This is primarily an English-speaking community. 🇬🇧🇦🇺🇺🇸
- Comments written in other languages are allowed.
- The substance of a post should be comprehensible for people who only speak English.
- Titles and post bodies written in other languages will be allowed, but only as long as the above rule is observed.
6. (NEW!) Regarding public figures
We all have our opinions, and certain public figures can be divisive. Keep in mind that this is a community for memes and light-hearted fun, not for airing grievances or leveling accusations. - Keep discussions polite and free of disparagement.
- We are never in possession of all of the facts. Defamatory comments will not be tolerated.
- Discussions that get too heated will be locked and offending comments removed.
Please report posts and comments that break these rules!
Important: never execute code or follow advice that you don't understand or can't verify, especially here. The word of the day is credibility. This is a meme community -- even the most helpful comments might just be shitposts that can damage your system. Be aware, be smart, don't remove France.
founded 2 years ago
MODERATORS