CRL Saturday
Published: 09 Oct 2021I woke early, grabbed my phone and bluetooth speaker, and headed toward the shower. Let the water warm, see what’s new in the podcast queue, and pop open the email.
Huh… a few of the routine automated things were missing.
Pop open Tusky. Pop open Element. Refresh.
Timeout.
Hmmm… the websites?
Bad gateway.
Shit. I know what this is. I’ve politely chastised clients for this… and I do know better. I forgot to set a calendar reminder. The CRL expired. The vpn logs confirmed it.
Fixing it was not a problem. Tedious, but not a problem. I use OpenVPN to separate and proxy some front end access from some back end services. The parts are always moving, so I revoke certificates from time to time – just not that often. Find the box with the PKI data, decrypt and mount volumes, generated a new CRL, etc.
Somehow, the rest of the day followed suit: Not hard. Just tedious. At least I was able to handle the unexpected hiccups.
I also set a few calendar reminders. :-)