I'll be honest, this is still better than some more 'professional' CA issuers which sometimes just stops for a whole day. I hope that day is spent on audits and not like because their update regime doesn't support on-the-fly (or virtually on-the-fly by having two or more signing machines) updates.
Lest anyone think that such issues only happen to free providers, check out Sectigo's status page:<p><a href="https://sectigo.status.io/pages/history/5938a0dbef3e6af26b001921" rel="nofollow">https://sectigo.status.io/pages/history/5938a0dbef3e6af26b00...</a><p>For context, Sectigo also provides freebies for cPanel customers.
AFAICT users of Caddy would not have been affected since Caddy can fallback from one CA to another. Pretty clever!<p><a href="https://caddyserver.com/docs/automatic-https#overview" rel="nofollow">https://caddyserver.com/docs/automatic-https#overview</a>
I guess this really only affects those wanting to get new certificates for new (sub)domains.<p>For renewals, this is not a problem unless it's down for an extended period of time - and even then there would be time to switch providers. Should be using scheduled updates, and even if not, the email notifications come in on 20 and 10 days, so plenty of time to go and get it renewed.
I like Let's Encrypt's free certificates! But I don't like centralization where failure in a centralized service may render millions of websites inaccessible... It is somehow against the spirit of the "inter-net" where many independent networks and computers are connected and work even if some fail...
Things are under a lot of strain today. I noticed AWS lambda went down earlier today for 4 of my clients using completely unrelated stacks in different regions, but AWS status page was all green.
The halt happened twice, but only lasted ~25 mins each time. It was back running before the arrival of most of the people that will end up getting to this post.