Thanks for the info @George. I should be more specific about the issue, perhaps.
Let’s Encrypt had to do an emergency revocation of certificates and gave just a couple days for admins to reissue certs. On January 28, the certificates will begin to fail for clients (who will not know to refresh a cache.)
There is no issue that will show up in the logs or debug as the current certs are valid…but again, they won’t be on the 28th.
Traefik responded to this event with instructions:
However, those of us on this thread have not yet figured out how to carry out these instructions.
Can you assist?
Thanks much!
Here is the email:
Hello,
Please immediately renew your TLS certificate(s) that were issued from
Let's Encrypt using the TLS-ALPN-01 validation method and the following
ACME registration (account) ID(s):
REDACTED IDs
We've determined that an error made it possible for TLS-ALPN-01
challenges, completed before today, to not comply with certificate
issuance requirements. We have remediated this problem and will revoke
all unexpired certificates that used this validation method at 16:00 UTC
on 28 January 2022. Please renew your certificates now to ensure an
uninterrupted experience for your site visitors.
We apologize for any inconvenience this may cause. If you need support
in the renewal process, please comment on our forum post. Our staff and
community members are available to help:
https://community.letsencrypt.org/t/170449
Thank you,
The Let's Encrypt Team