pa9am's comments

I thought this was going to be about Winlink for some reason..

This also bit me. I thought I was in the clear not using anything with outdated CA keystores. Turns out that some TLS implementations don't trust the connection if the server provides an expired CA in the certificate chain.

This includes the Nextcloud client for Windows and the DNS over TLS implementation in Android 11.

Adding the argument --preferred-chain "ISRG Root X1" to certbot fixes this by not chaining the expired CA X3...

My Apache server is fine speaking HTTP/2 over port 80:

  curl -v --http2 --http2-prior-knowledge http://localhost
  * Connected to localhost (::1) port 80 (#0)
  * Using HTTP2, server supports multi-use
  * Connection state changed (HTTP/2 confirmed)
  * Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
  * Using Stream ID: 1 (easy handle 0x559a7c6545c0)
  > GET / HTTP/2
  > Host: localhost
  > user-agent: curl/7.74.0
  > accept: */*
  > 
  * Connection state changed (MAX_CONCURRENT_STREAMS == 100)!
  < HTTP/2 301 
  < date: Fri, 06 Aug 2021 11:16:05 GMT
  *snip*

Sadly none of the services that I reverse proxy through Apache support HTTP/2..

I got the pop-up a week back or so. I uploaded a photo of my drivers license with everything redacted except my name and date of birth and clearly watermarked it with the purpose and current date.

It was accepted automatically within a few seconds. Can't really complain.

Get the mic close to your mouth and turn down the gain. This will also increase the quality

The most important thing is to have the microphone close to your mouth. There is nothing more annoying than listening to echo-y voice.

The mic even have to be that expensive. I use a cheap dynamic mic from ebay with a windscreen and a mic arm and it sounds fine.