newrelic / elixir_agent

New Relic's Open Source Elixir Agent

Home Page: https://hex.pm/packages/new_relic_agent

Possible impact of DST Root CA X3 expiration next week?

mattbaker opened this issue

So I've been reading through this, trying to figure out how we're affected by this upcoming change on 9/30:
https://blog.voltone.net/post/30

Since the agent is using httpc I think it may be affected. Most of New Relic's certs aren't signed by Let's Encrypt, but provisioned Infinite Tracing hosts are. This makes me think the upcoming change could result in the agent failing to communicate with Infinite Tracing. Does that seem right?

If so, my takeaway from the article above is that people should upgrade to the latest OTP 23 or 24 to get the recently committed patch. I don't think there's much we can do in the agent itself, but it might be nice to have an answer ready.

@binaryseed — I'm curious if you think this seems right.

That seems right from what I can tell. Folks running 23.3 or newer should upgrade to the latest OTP versions. Older OTP versions (21, 22) don't seem to be impacted, right?

I think? I was sort of unclear but that's what I concluded too. And it seems like the only potential remediation we could do in code would be something insecure.

Alright, well we have our standard response then, "Upgrade Erlang/OTP to the latest."

I'll close this. Thanks for confirming; this will help our support folks if they get any questions from customers.