flyctl version update: it complains certificate has expired


I tried doing an update of flyctl but it now complains the certificate has expired.

Just a heads-up:

~ $ flyctl version update
Update available 0.0.240 -> v0.0.245
Run "flyctl version update" to upgrade
/bin/bash -c
Running automatic update [curl -L "" | sh]
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
curl: (60) SSL certificate problem: certificate has expired
More details here:

curl performs SSL certificate verification by default, using a "bundle"
 of Certificate Authority (CA) public keys (CA certs). If the default
 bundle file isnt adequate, you can specify an alternate file
 using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
 the bundle, the certificate verification probably failed due to a
 problem with the certificate (it might be expired, or the name might
 not match the domain name in the URL).
If youd like to turn off curls verification of the certificate, use
 the -k (or --insecure) option.
HTTPS-proxy has similar options --proxy-cacert and --proxy-insecure.

@greg that’s caused by a bug in an old version of OpenSSL (used by curl) after the LetsEncrypt certificate expired last week. You can fix it by upgrading curl. Here’s a little more info:

Ah ha. Thanks @michael . Haven’t used curl for a while so didn’t know about that.


This has bitten everyone this week. It didn’t even occur to me that our CLI was using cURL. :smiley:

1 Like