Lemmy 0.13.0 invalidated all authentication tokens meaning your current account will cause infinite spinners in lemmur. This has showed us that we should improve invalid auth handling, hence I have created a report for that: https://github.com/LemmurOrg/lemmur/issues/265

  • N0b3d
    link
    fedilink
    arrow-up
    4
    ·
    3 years ago

    That’s all very well, but removing my account from lemmur (i.e. all the data) and then trying to log back in again results in:

    HandshakeException: Handshake error in client (OS Error: CERTIFICATE_VERIFY_FAILED: certificate has expired(handshake.cc:359))

      • N0b3d
        link
        fedilink
        arrow-up
        2
        ·
        3 years ago

        I don’t know. I can log in and use the web interface on the same device, so it’s specific to lemmur.

        I see from your linked article that “older Android devices that don’t trust ISRG Root X1 will continue to work with Let’s Encrypt, thanks to a special cross-sign from DST Root CA X3 that extends past that root’s expiration.” So although I have an “older Android device” that I won’t allow to update due to the manufacturer’s “privacy” policy, it appears it should work, and indeed does in the browsers I’ve tested. As I say, it’s just Lemmur that’s not playing.