Author Archives: Etienne Ruedin

Partially restricted operation / most services available

As a result of a chain of technical failures of old equipment already scheduled for replacement, there are currently certain limitations in the services provided to members of the CAcert community. We regret this terribly.

  • ?Bug management: normal operation
  • ?Service hub: normal operation
  • ?IRC: normal operation
  • ?reduced service
  • ?password reset: normal operation
  • ?webmail: normal operation
  • ?wiki/help centre: normal operation
  • ?main page: reduced service

Mid september, we discovered that a partition contained a corrupt file system. A
subsequent hardware test showed that one of the hard drives was reporting hardware errors. In order to be able to continue using the system, we have moved this partition to a second drive.

Since the end of september the system no longer responds. We suspect that other partitions are defective. Neither web access nor SSH access work, so the only way to find the error can only be analysed in more detail by a visit to our data centre.
In order to still be able to offer as many services as possible to the CAcert community until the repair, we redirected the connections for and in the incoming firewall to the second system. As a result of ongoing hardware renewal, however, this fall-back level is not quite complete: There is no working signer and no up-to-date copy of the CAcert database attached to this system.

That is, why the main page can be used as a start for informing our users about the blog for now, while certificate issuing and WoT access has to be postponed until our technical volunteers have made the several-hour trip to the data centre for troubleshooting. As they are doing this in their spare time and at their own expense, we are very grateful to these volunteers that they will probably be able to do this in mid-October.

If you would like to know what you can do yourself to ensure that such interruptions occur less frequently and are resolved more quickly, read this!

DEUTSCH: Infolge einer kaskadierten technischen Störung sind zur Zeit leider nicht alle Dienstleistungen übers Netz abrufbar. Alle Fernwartschritte haben unsere technischen Freiwilligen bereits unternommen. Bis zu einen Vororteinsatz im Rechenzentrum im Ausland voraussichtlich Mitte Oktober ist der Zugriff auf den Signer und die Datenbank nicht möglich. Wir bedauern dies sehr. Was Sie tun können, um solche Ausfallzeiten künftig zu verringern, lesen Sie hier!

FRANÇAIS: Suite à une panne technique en cascade, tous les services ne sont malheureusement pas accessibles en ligne pour le moment. Toutes les démarches de télémaintenance ont déjà été effectuées par nos volontaires techniques. L’accès au Signer et à la base de données est impossible jusqu’à une intervention sur place dans le centre de calcul à l’étranger, probablement mi-octobre. Nous le regrettons vivement. Vous pouvez lire ici ce que vous pouvez faire pour réduire ces temps d’arrêt à l’avenir!

PORTUGUÊS: Devido a uma falha técnica em cascata, infelizmente nem todos os serviços estão disponíveis pela rede no momento. Todas as medidas de manutenção remota já foram tomadas por nossos voluntários técnicos. O acesso ao signatário e ao banco de dados não será possível até uma visita no local ao centro de dados no exterior, provavelmente em meados de outubro. Lamentamos muito o ocorrido. Leia aqui o que você pode fazer para reduzir esses períodos de inatividade no futuro!

ESPAÑOL: Debido a un fallo técnico en cascada, lamentablemente no todos los servicios están disponibles actualmente a través de la red. Nuestros voluntarios técnicos ya han tomado todas las medidas de mantenimiento a distancia. El acceso al firmante y a la base de datos no será posible hasta una visita in situ al centro de datos en el extranjero, probablemente a mediados de octubre. Lo lamentamos mucho. Lea aquí lo que puede hacer para reducir estos tiempos de inactividad en el futuro.

Certificate renewing is pending (update & help)

Some of our community members (users) get a problem while they try to renew an existing certificate. The issue is: Certificate renewal is pending for days/weeks.

First of all, CAcert is not a service provider or a company, but a community. We are all in the same boat. We can only achieve our goals together, with your the cooperation of all of us (of all users=members).

One of our volunteer support engineers, a retired gentleman somewhere in Bohemia, wrote, after he watererd the flowers in the garden:
1. Many users use CAcert without any assurance. Until now, their CSRs were signed by Class 1 Root (–> serial # 1xxxxx) and their CSRs/renewals are stuck in a queue now.
2. These users know absolutely nothing about existence Class 1 & Class 3 Roots, as they don’t remember installing root(s), and when creating a new cert, they cannot see the choice Class 1/3, because with <50 assurance points (trust points) it isn’t displayed.
3. Many users do not know about the existence of Wiki, bugs, blog, CATS… websites. Our education possibly fails in this direction.

And from Alsace, a baker who is also CAcert volunteer writes after putting the children to bed: There is a lot of information and many tutorials are at the FAQ at How to create a certificate can be found at:

Another help message was sent by a CAcert volunteer who works as a bus driver from his mobile phone during the short break at the terminus: To get assurance points, the easyest way is to meet with two (or three) experienced assurers who can then credit you with the assurance (trust) points you need (you need 50 and get 10-35 per assurer). When you are on in your account, go to the Web Of Trust: (here you can enter your town and search for assurers in the area) or: (here you can click through to choose from about 6000 assurers worldwide).

Thank you very much to all our active community members who helps here and there and gives other community members a hand. Even very little help is helpfull. If e.g. each of the 6000 assurers from the assurer directory helps with something small for 10 minutes per month, that is already 1000 hours of work. That would solve (almost) all problems. Here is how you too can give your CAcert community a hand:

And another volunteer from Sweden points out, that the issue will not go away till the interface is fixed, which is a work that has been started, but not finished. Furthermore, renewing old incorrectly signed certificates will never work again, as we have said we will not fix the broken code for that, as no certificates should ever have been signed that way. We can’t continue signing them incorrectly.

Certificates renewing pending will end soon

Several tried to renew their certificates in the last days, but it is still pending. We are aware of this issue.

There is a need for a physical update of a cable. A volunteer is traveling to the data centre this week-end to do that. You will have to be patient until then. We are terribly sorry.

Last chance, hurry up, catch your review!

Dear friend of #CAcert, here comes the last #bugs that needs a #review. We are so glad, that you are willing to #help you #community and review only one of them during the #spring #offensive.

We published all ready 12 bugs for review earlyer today in this channel. Maybe, you find a more conviniant one there?

Papillon, vient voir les bugs

Qu’est-ce qu’une #revue par rapport à la résolution d’un problème? Vole comme un papillon sur l’une de nos fleurs de bug et regarde le code. Voici la troisième série de quatre, si tu ne trouves rien qui te convienne pour participer à l’offensive #CAcert du printemps, nous t’en fournirons quatre autres dans quelques heures ou regarde les huit premiers, publiés il y a quelques heures.

This are new links, number 9-12:

Join the CAcert Spring Offensive

What’s a #review compared to solving a problem? Flutter like a butterfly on one of our bug flowers and check out the code. Here are the second four, if you don’t find anything suitable for you to join the #CAcert spring offensive, we’ll give you four more in a few hours.
Nothing that fits you? Have a look to the first four links we published two hours ago in the german post.

Mach es wie die Schmetterlinge

Was ist schon eine #Review im Vergleich dazu, ein Problem zu lösen? Flattere wie ein Schmetterling auf eine unserer Bug-Blumen und Schau dir den Code an. Hier sind die vier ersten, wenn du nichts für dich passendes findest, um bei der #CAcert Frühlings Offensive mitzumachen, reichen wir dir in einigen Stunden vier weitere nach.

Spring Offensive, second part

Here comes the next batch of our 72 #CAcert mini tasks. Choose your favourite. Can you manage to solve one by summer?

Pick up your favorite small task

In the #CAcert #Spring #Offensive we have three small tasks to test whether a problem has really been solved. Look here: Which of the three tests are you doing?

Schnapp dir deine Lieblingsaufgabe

Bei der #CAcert #FrühlingsOffensive haben wir drei kleine Aufgaben, bei denen getestet werden soll, ob ein Problem wirklich gelöst worden ist. Schau hier: Welchen der drei Test führst du durch?