$ mkdir -p config work logs
$ certbot certonly --config-dir config/ --work-dir work/ --logs-dir logs/ \
--server https://acme-v02.api.letsencrypt.org/directory --manual \
-d '*.monsite.fr'

To fix this, I found the following steps worked:
sudo apt-get install --reinstall ca-certificates
to ensure you have the latest certificates by your distribution – this might help you, but it didn’t assist me 🙁

So I downloaded the Let’s Encrypt root certificates and forced a rebuild of the certificate store:

sudo curl https://letsencrypt.org/certs/isrgrootx1.pem.txt -o /usr/local/share/ca-certificates/isrgrootx1.crt
sudo curl https://letsencrypt.org/certs/letsencryptauthorityx1.pem.txt -o /usr/local/share/ca-certificates/letsencryptauthorityx1.crt
sudo curl https://letsencrypt.org/certs/letsencryptauthorityx2.pem.txt -o /usr/local/share/ca-certificates/letsencryptauthorityx2.crt
sudo curl https://letsencrypt.org/certs/lets-encrypt-x1-cross-signed.pem.txt -o /usr/local/share/ca-certificates/letsencryptx1.crt
sudo curl https://letsencrypt.org/certs/lets-encrypt-x2-cross-signed.pem.txt -o /usr/local/share/ca-certificates/letsencryptx2.crt
sudo curl https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem.txt -o /usr/local/share/ca-certificates/letsencryptx3.crt
sudo curl https://letsencrypt.org/certs/lets-encrypt-x4-cross-signed.pem.txt -o /usr/local/share/ca-certificates/letsencryptx4.crt
sudo dpkg-reconfigure ca-certificates

and everything worked!

If you are running Java, you may need to also add the certificates to the Java Keytool:
keytool -trustcacerts -keystore $JAVA_HOME/jre/lib/security/cacerts -storepass changeit -noprompt -importcert -file /usr/local/share/ca-certificates/isrgrootx1.crt
keytool -trustcacerts -keystore $JAVA_HOME/jre/lib/security/cacerts -storepass changeit -noprompt -importcert -file /usr/local/share/ca-certificates/letsencryptauthorityx1.crt
(change the storepass password [default of “changeme”] to whatever is relevant to you)

curl --header 'Authorization: Bearer <access-token>' -X POST https://api.pushbullet.com/v2/pushes --header 'Content-Type: application/json' --data-binary '{"type": "note", "title": "<title>", "body": "<body>"}'

We had something similar with NVIDIA gfx card and 13.04. It only happend from time to time. disabling plymouth and splash screen in grub:

in file /etc/defaults/grub
set line
GRUB_CMDLINE_LINUX_DEFAULT="noplymouth"

and run update-grub afterwards.

This plymouth stuff is a pain and should be killed or fixed, just my 2cents.

Google Chrome and Kerberos on Linux
So we all know you can enable Kerberos by adding the “–auth-server-whitelist” to the command line:

google-chrome --auth-server-whitelist="*.example.org"
But you can also make it permanent. Simply create a directory (in Linux) called /etc/opt/chrome/policies/managed/ and within it drop a json file such as example-corp.json with the following contents:

{ "AuthServerWhitelist": ".example.org",
"AuthNegotiateDelegateWhitelist": ".example.org" }
And voila, no need to fiddle the command line options every time you start Chrome. Plus as an administrator you can simply deploy that file automatically across all your workstations and not have to bother the users, things will just work.

Exemple plutôt complet, au niveau des filtres, d'une config postfix

sa-update -D --updatedir /usr/share/spamassassin/ --gpgkey 6C6191E3 --channel sought.rules.yerp.org && sa-compile && service spamassassin restart