Server cert expired!
-
-
This amuses me. I manually changed the date on my computer to post, but I still find it amusing.
-
Seeing the same issue (minus messing with the computer clock).
-
@cvi said in Server cert expired!:
minus messing with the computer clock
FF wouldn't let me even try to connect to the "insecure" site, and my phone just has the "connection lost" toaster. So lying to my computer that the certificate hasn't expired yet was by far the easiest way to continue.
-
FF on Windows refused to connect and the HSTS meant it wouldn't allow me to add an exception to ignore the cert expiry but it's loading completely fine via FF on my Mac...
-
@HardwareGeek I vaguely remembered a workaround to HSTS preventing allowing for an exception. Had to google the details, but in short:
- Exit FF, find SiteSecurityServiceState.txt in ${whatever} profile (FF overwrites it on exit)
- Remove the line with the host (what....)
Now you can allow for an exception (since FF doesn't know the HSTS stuff yet - after all, it couldn't connect yet). Not exactly convenient either, but it beats disabling ntp, setting the date, and, ultimately, not forgetting to reset the date and enabling ntp again.
-
@cvi AFAIK forgetting about the site via the History window makes FF forget about HSTS too
-
@loopback0 Does that also erase cookies/other stored info? I don't think I've ever used the feature.
-
@loopback0 But then I'd have to find the password in KeePass to log in again. I still have the Date & Time Settings window open, so I won't forget fix the date when the fixes the cert.
-
@cvi I assume so, I've not tried it either as it just works on this computer even though it shouldn't
-
@loopback0 said in Server cert expired!:
it just works on this computer even though it shouldn't
Yay, Apple!
-
@HardwareGeek Safari correctly throws an error so I think it's just FF being weird
-
@loopback0 Blame Mozilla or blame Apple? Hmm,
-
@loopback0 said in Server cert expired!:
I've not tried it either as it just works on this computer even though it shouldn't
Not now. It just took a while to catch up, it seems...
Works fine in a private window though as you can add the exception before it knows about HSTS
-
The irony of an expired cert happening to a forum about IT fails is absolutely delicious.
-
@blek Of course. We are .
-
@HardwareGeek The WTF is coming from inside the forum!
-
@cvi said in Server cert expired!:
@loopback0 Does that also erase cookies/other stored info? I don't think I've ever used the feature.
I didn't have the "accept the risk and continue" option until I cleared all my tdwtf cookies. But at least it works now
-
@blek said in Server cert expired!:
The irony of an expired cert happening to a forum about IT fails is absolutely delicious.
It's very on-brand
-
@HardwareGeek said in Server cert expired!:
I manually changed the date on my computer to post
Unsurprisingly, this has other side effects. It seems to prevent YouTube comments and video thumbnails from appearing. Whether this is a bug or a feature is left as an exercise for the reader.
-
@blek said in Server cert expired!:
The irony of an expired cert happening to a forum about IT fails is absolutely delicious.
Well, that and everybody immediately going about figuring out how to bypass what is essentially a security feature because shitposting must go on.
-
@loopback0 said in Server cert expired!:
FF on Windows refused to connect and the HSTS meant it wouldn't allow me to add an exception to ignore the cert expiry but it's loading completely fine via FF on my Mac...
FF on Windows complained about the cert but let me connect anyway through the "Advanced => Continue anyway" method but Edge does not offer that at all.
-
@Rhywden What version? FF didn't offer it for me.
-
@HardwareGeek 94.0.2
-
@HardwareGeek I've got the latest and initially I didn't get the option, but after clearing cookies for the site it presented the button
-
@Rhywden 94.0.2 here, too. I didn't try doing anything like clearing cookies.
-
@hungrier said in Server cert expired!:
@HardwareGeek I've got the latest and initially I didn't get the option, but after clearing cookies for the site it presented the button
I assume clearing the cookies also causes it to trigger whatever makes it forget about HSTS.
-
@HardwareGeek said in Server cert expired!:
This amuses me. I manually changed the date on my computer to post, but I still find it amusing.
If you use Edge or Chrome, you may type "thisisunsafe" (no space in between) on the error screen to bypass it.
-
@cvi said in Server cert expired!:
@blek said in Server cert expired!:
The irony of an expired cert happening to a forum about IT fails is absolutely delicious.
Well, that and everybody immediately going about figuring out how to bypass what is essentially a security feature because shitposting must go on.
I figured out how to get my password manager to work in incognito mode just to up boat that post
-
@cvi Seems to me that it wasn't everybody, the forums are basically comatose right now. I'm not sure how of it is caused by this being the middle of the weekend just after Thanksgiving, but it feels unusually slow at the moment.
Too bad we don't have badges anymore, we could have one for those who survived the True WTF.
-
Huh, once @boomzilla updated the cert, FF figured out the date on my computer was wrong and wouldn't let me connect any more; I had to set the date back to today. But it works now, so that's what matters; back to reading and posting nonsense.
-
@blek I'm sure that some people 'd their way out of the WTFcertocalypse.
-
@HardwareGeek said in Server cert expired!:
Huh, once @boomzilla updated the cert, FF figured out the date on my computer was wrong and wouldn't let me connect any more
SSL certificates have a start date as well as an expiry date
-
@HardwareGeek I was waiting for someone to spin up a separate VM so that they could run two different dates at the same time on one machine.
-
-
@cvi said in Server cert expired!:
@blek said in Server cert expired!:
The irony of an expired cert happening to a forum about IT fails is absolutely delicious.
Well, that and everybody immediately going about figuring out how to bypass what is essentially a security feature because shitposting must go on.
Safari on mobile just gave an error message along the lines of can’t open the website because the connection is not secure.
And I’m like, so what, what’s the worst thing that can happen? Someone will steal my credentials and start shit-posting on my behalf, and then I’m on the hook for the reduced (or improved?) quality of my shit-posting?!
Just open the site, would ya?
-
@cvi said in Server cert expired!:
@HardwareGeek I was waiting for someone to spin up a separate VM so that they could run two different dates at the same time on one machine.
If nothing else I learned that just using a private window is a workaround, which is obvious in hindsight but wasn't immediately
-
@loopback0 said in Server cert expired!:
@HardwareGeek said in Server cert expired!:
Huh, once @boomzilla updated the cert, FF figured out the date on my computer was wrong and wouldn't let me connect any more
SSL certificates have a start date as well as an expiry date
Yes, but the error message wasn't that the certificate wasn't valid yet; it was that my computer's clock was wrong.
-
@loopback0 said in Server cert expired!:
FF on Windows refused to connect and the HSTS meant it wouldn't allow me to add an exception to ignore the cert expiry but it's loading completely fine via FF on my Mac...
I'm on a different machine now - neither Edge nor Chrome would let me thru. Glad to see we're back!
-
Me, I refreshed several times in the hopes that it would clear, then I went because mobile and thus difficult to work around the problem.
-
@HardwareGeek said in Server cert expired!:
Huh, once @boomzilla updated the cert, FF figured out the date on my computer was wrong and wouldn't let me connect any more; I had to set the date back to today. But it works now, so that's what matters; back to reading and posting nonsense.
Was sitting out in the cold selling Christmas trees all day.
-
-
@HardwareGeek said in Server cert expired!:
@boomzilla said in Server cert expired!:
sitting out in the cold
Bad ideas thread is .
We sold 50 trees today. Not too bad, though we've done better.
-
@lolwhat said in Server cert expired!:
Me, I refreshed several times in the hopes that it would clear, then I went because mobile and thus difficult to work around the problem.
I fucking hate Chrome mobile because it pulls shit like this with no workaround with my webmail account. It decided to one-up itself by also claiming my clock was magically ahead even thought it wasn't.
-
@DogsB said in Server cert expired!:
up boat
http://www.storytrender.com/wp-content/uploads/2019/07/0_CATERS_INFLATABLE_FLYING_BOAT_01.jpg
-
@HardwareGeek said in Server cert expired!:
Huh, once @boomzilla updated the cert, FF figured out the date on my computer was wrong and wouldn't let me connect any more; I had to set the date back to today. But it works now, so that's what matters; back to reading and posting nonsense.
Is the issue fucking letsencrypt bot failing to auto renew? Cuz that's shit happens to me too, but works just fine if I run it manually.
-
@HardwareGeek said in Server cert expired!:
@boomzilla said in Server cert expired!:
sitting out in the cold
Bad ideas thread is .
Hey, I was on a motorcycle ride all day yesterday, when it was between 34 and 45 freedom degrees...
-
@dangeRuss said in Server cert expired!:
@HardwareGeek said in Server cert expired!:
Huh, once @boomzilla updated the cert, FF figured out the date on my computer was wrong and wouldn't let me connect any more; I had to set the date back to today. But it works now, so that's what matters; back to reading and posting nonsense.
Is the issue fucking letsencrypt bot failing to auto renew? Cuz that's shit happens to me too, but works just fine if I run it manually.
Looks like it. I think the version we had was old or wrong or something. It was installed via the Ubuntu 18.04 repository. The instructions on Let's Encrypt's site said that we needed to remove that and install the snap version, which is what I did.
We'll see.
-
@boomzilla said in Server cert expired!:
@dangeRuss said in Server cert expired!:
@HardwareGeek said in Server cert expired!:
Huh, once @boomzilla updated the cert, FF figured out the date on my computer was wrong and wouldn't let me connect any more; I had to set the date back to today. But it works now, so that's what matters; back to reading and posting nonsense.
Is the issue fucking letsencrypt bot failing to auto renew? Cuz that's shit happens to me too, but works just fine if I run it manually.
Looks like it. I think the version we had was old or wrong or something. It was installed via the Ubuntu 18.04 repository. The instructions on Let's Encrypt's site said that we needed to remove that and install the snap version, which is what I did.
We'll see.
Ohhh yeah I had to do that recentlyish.
Whoever has the email address associated with the certs should get an email from Lets Encrypt near expiry.
-
@loopback0 we like to be surprised about that kind of thing around here.