SoylentNews is people
SoylentNews
Late last night (~10 PM UTC), the security certificates for SoylentNews.org expired. (Out-of-date certs result in nasty warning messages being displayed by your browser.)
Please accept my apologies for any inconvenience the outage caused.
Unfortunately, that was after I (and others on staff who could do anything about it) had gone to bed.
I had personally updated the certs in the past, but the last time was years ago. (TheMightyBuzzard had previously — and subsequently — handled getting and applying updated certs.) It had been so long that I could not find my notes on the process. (Note to self: it helps to look in the correct directory tree!)
Thankfully, audioguy appeared and was able to get things updated.
Please join me in thanking him for getting things straightened out!
P.S. The current certs are due to expire December 14, 2021, Please feel free to remind us as that date approaches!
P.P.S. The technical staff is aware of various automated solutions to renewals but made a conscious decision to do them manually. Remember that people make mistakes but to really foul things up use a computer!
(Score: 3, Insightful) by DannyB on Wednesday September 15 2021, @04:21PM (9 children)
It sounds like you're asking for a feature in the certificate that specifies an expiration warning number of days (or an absolute date). Any browser that recognizes and honors this feature would warn that the certificate is due to expire soon.
Maybe better would be if the certificate also included an expiration notification URL. Any browser recognizing and honoring this feature would poke that URL to alert the site owners that their certificate is about to expire. Sites with soon to expire certificates would experience . . . uh, um . . . the "green site" effect.
Next up, someone could get themselves a lot of shiny new certificates that have the expiration warning feature, but will poke a URL of some DDOS target site when the certificate is due to expire. Those pin pricks would come from all different sorts of browsers from many locations.
The lower I set my standards the more accomplishments I have.
(Score: 1, Insightful) by Anonymous Coward on Wednesday September 15 2021, @04:51PM (5 children)
No need to add a feature to the cert. Just have the browser check current date against expiration and warm 30 days out.
(Score: 0) by Anonymous Coward on Wednesday September 15 2021, @05:01PM (3 children)
That warns the visitor, not the administrator.
(Score: 2) by DannyB on Wednesday September 15 2021, @05:25PM (1 child)
But the visitors can make fun of the administrator.
Sort of like when the microsoft.com DNS name expired. Some kind soul on the green site renewed it. Microsoft paid him some token amount in the foam of a check, which he had framed.
The lower I set my standards the more accomplishments I have.
(Score: 0) by Anonymous Coward on Wednesday September 15 2021, @11:01PM
Just think, with modern banking apps, he could send a picture to his bank to cash it and still frame the check!
Hmm, any pictures of his framed check on the net?
(Score: 1, Insightful) by Anonymous Coward on Wednesday September 15 2021, @05:36PM
Imagine your average computer illiterate visitor visiting Bank of America and receiving a popup that says the cert is about to expire in 30 days. What the heck is the visitor supposed to care?
(Score: 5, Touché) by DannyB on Wednesday September 15 2021, @05:25PM
That is a needlessly simple solution to a problem which can have a much more complex solution.
The lower I set my standards the more accomplishments I have.
(Score: 0) by Anonymous Coward on Wednesday September 15 2021, @07:31PM (2 children)
This site uses Let's Encrypt. They send at least 2 e-mails to the contact prior to expiration giving plenty of time to renew manually, if required.
(Score: 4, Touché) by c0lo on Thursday September 16 2021, @12:57AM (1 child)
The eds need to write an email-to-IRC forwarder. In a deprecated PERL version.
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: 0) by Anonymous Coward on Thursday September 16 2021, @02:09AM
There are a couple of those and I’m pretty sure at least one is in Perl.