[Letsencrypt-devel] Certbot in Debian Stretch

James Cloos cloos at jhcloos.com
Fri Nov 25 21:05:30 UTC 2016


>>>>> "HL" == Harlan Lieberman-Berg <hlieberman at debian.org> writes:

HL> In fact, letsencrypt was never in jessie either.  Both certbot and
HL> letsencrypt have only ever been in stable-bpo, stretch, and sid.

Ok.  That must have been before I was forced to switch my openvz systems
from sid to jessie-backports.  (The glibc maintainer broke sid, stretch
and later on openvz and after it was reported refused to fix it.)

But even after I was able to 'apt-get install certbot' on some of my
jessie-backports machines, it was later impossible to do so on others.

So there was a window where it worked followed by a long spot where it
did not.

HL> If you're referring to #825619, that was a bug in a dependency, not in
HL> certbot, which we worked around by specifying a child version dependency
HL> in python-acme.

It may have been; in any case it took *weeks* for the bug I saw to get
fixed.  And it doesn't matter where the bug was, it still made it
impossible to apt-get install the certbot package.  Which still defines
the certbot in jessie-backports experience as (at least historically)
unreliable.

Anything which takes weeks to fix is unreliable.

The points I made at the end of my last note about methods which might
avoid such things in the future remain on point.

-JimC
-- 
James Cloos <cloos at jhcloos.com>         OpenPGP: 0x997A9F17ED7DAEA6



More information about the Letsencrypt-devel mailing list