Cyber.mil serving file downloads using TLS certificate which expired 3 days ago

Posted by Eduard 5 hours ago

Cyber.mil serving file downloads using TLS certificate which expired 3 days ago(www.cyber.mil)

125 points | 114 commentspage 2

jeroenhd 3 hours ago|

For some reason the warning icon is huge on my phone.

Someone please verify that the exclamation point inside of the warning icon has always been gold and that this website's design hasn't fallen victim to Trump's dragon-like gold hoarding obsession.

dmitrygr 5 hours ago|

So what? They keep shortening the validity length of these certificates, making them more and more of a pain to deal with.

lynndotpy 4 hours ago||

Not applicable in this case. This was a certificate issued March 20th 2025 and which expired March 20th 2026. Also concerning are the instructions written in broken English instructing visitors to ignore all SSL warnings.

yesod 32 minutes ago||

Looks to me like they're trying to switch from IdenTrust 1yr certs to LetsEncrypt, but haven't got it right yet (https://bgp.he.net/certs#_SearchTab?q=www.public.cyber.mil)

gslepak 5 hours ago|||

Using old compromised certificates is a legitimate MITM attack vector.

dmitrygr 5 hours ago||

Which would make sense if they were valid for 10 years and somebody forgot about them. Not when they’re valid for, what is it now, 40 days?

smashed 5 hours ago|||

An official government source is teaching users to ignore security warnings about expired certificates.

Mistakes happen, some automation failed and the certs did not renew on time, whatever. Does not inspire confidence but we all know it happens.

But then to just instruct users to click through the warning is very poor judgement on top of poor execution.

dmitrygr 5 hours ago||

This was the predictable outcome of shortening certificate length validity to appoint where they are now.

lynndotpy 4 hours ago|||

No, because that's not what happened here.

The certificate they failed to renew was issued 2025-Mar-20th, and expired 2026-Mar-20th. That is a 365 day cert.

The maximum length for a new cert is now 200 days, with the 47 day window coming in three years: https://www.digicert.com/blog/tls-certificate-lifetimes-will...

HackerThemAll 3 hours ago|||

Have you heard of automation? Cron? Certbot? You can schedule cert renewal and it happens automatically. It could be refreshed every 1 day, I don't care. The fact that it's so painful for you means you need to learn a bit more.

lynndotpy 4 hours ago|||

The certificate they failed to renew was valid for 365 days. You can check this in any modern desktop browser.

hhh 5 hours ago|||

because you need to automate it

dmitrygr 5 hours ago||

Which is yet another chore. And it doesn’t add any security. A certificate expired yesterday proves I am who I am just as much as it did yesterday. As long as the validity length is shorter than how long it would take somebody to work out the private key from the public key, it is fine.

bombcar 5 hours ago|||

Shortening certificate periods is just their way of admitting that certification revocation lists are absolutely worthless.

nightpool 4 hours ago|||

No, they're not useless at all. The point of shortening certificate periods is that companies complain when they have to put customers on revocation lists, because their customers need ~2 years to update a certificate. If CRLs were useless, nobody would complain about being put on them. If you follow the revocation tickets in ca-compliance bugzilla, this is the norm—not the exception. Nobody wants to revoke certificates because it will break all of their customers. Shortening the validity period means that CAs and users are more prepared for revocation events.

pas 3 hours ago||

... what are the revocation tickets about then? how is it even a question whether to put a cert on the CRL? either the customer wants to or the key has been compromised? (in which case the customer should also want to have it revoked ASAP, no?)

can you elaborate on this a bit? thank you!

bombcar 2 hours ago||

From my experience the biggest complaints/howlings are when the signing key is compromised; e.g., your cert is valid and fine, but the authority screwed up and so they had to revoke all certs signed with their key because that leaked.

E.g., collateral damage.

nathanaldensr 5 hours ago|||

Right. It's the same debate about how long authorization cookies or tokens should last. At one point in time--only one--authentication was performed in a provable enough manner that the certificate was issued. After that--it could be seconds, hours, days, years, or never--that assumption could become invalid.

danesparza 5 hours ago||||

An expired cert is a smell. It shows somebody isn't paying attention.

And a short expiration time absolutely increases security by reducing attack surface.

dmitrygr 5 hours ago|||

It did until it got so short that it created a new potential attack surface — the scripts everyone is using to auto update them.

organsnyder 5 hours ago||

Compared to the manual processes these scripts replaced, I'd put more trust in the automations.

dmitrygr 5 hours ago||

And the original article shows you how that is going

ajsnigrutin 5 hours ago|||

Or that someone asked to renewed it, one of their four bosses didn't sign off the apropriate form, the only person to take that form to whoever does the certs is on a vacation, person issuing certs needs all four of his bosses to sign it off, and one of those bosses has been DOGE-ed and not yet replaced.

expired letsencrypt cert on a raspberrypi at home smells of not paying attention... with governments, there are many, many points of failure.

hananova 3 hours ago|||

The whole point of these shorter certificate durations is to force companies to put in automation that doesn't require 14 layers of paperwork. Some companies will be stubborn, and will thus be locked in an eternal cycle of renew->get paperwork started for renew. Most will adapt.

danesparza 1 hour ago|||

Humbly, I disagree with you. What better use of our tax dollars than to automate away as many problems as we can?

allthetime 4 hours ago||||

"yet another chore"

use cloudflare, never think about it.

use certbot, never think about it.

dmitrygr 4 hours ago||

I am curious how long the approval process in some large corp or the military would be for either of those options...

Hand over our private keys to a third party or run this binary written by some volunteers in some basements who will not sign a support contract with us...

icedchai 3 hours ago|||

I've worked with large "enterprises" that refuse to use the easy-to-automate certificate services, including AWS Certificate Manager. They would rather continue to procure certificates through a third party, email around keys, etc. They somehow believe these archaic practices are more secure.

hananova 3 hours ago||||

Well they can either automate it, or soon spend literally every waking moment in a cycle of paperwork to chase the next renewal.

The whole point was to force automation, and if corps want to be stubborn that's no skin of my back, the shorter durations are coming regardless.

allthetime 4 hours ago|||

In this case some manual work may need to be done.

dpoloncsak 5 hours ago|||

Isn't that why certificates expire, and the expiry window is getting shorter and shorter? To keep up with the length of time it takes someone to crack a private key?

JoshTriplett 3 hours ago|||

No, it has nothing to do with the time to crack encryption. It's to protect against two things: organizations that still have manual processes in place (making them increasingly infeasible in order to require automatic renewal) and excessively large revocation lists (because you don't need to serve data on the revocation of a now-expired certificate).

shagie 5 hours ago||||

It's also a "how much exposure do people have if the private key is compromised?"

Yes, its to make it so that a dedicated effort to break the key has it rotated before someone can impersonate it... its also a question of how big is the historical data window that an attacker has i̶f̶ when someone cracks the key?

dmitrygr 5 hours ago|||

No. The sister comment gave the correct answer. It is because nobody checks revocation lists. I promise you there’s nobody out there who can factor a private key out of your certificate in 10, 40, 1000, or even 10,000 days.

dpoloncsak 5 hours ago||

I thought I remembered someone breaking one recently, but (unless I've found a different recent arxiv page) seems like it was done using keys that share a common prime factor. Oops!

Fwiw: https://arxiv.org/abs/2512.22720

SAI_Peregrinus 5 hours ago|||

And in turn making revocation less & less of a pain. Since that was more of the pain, overall it's getting easier.

koakuma-chan 3 hours ago|||

I also don't get it, why do certificates need to expire?

icedchai 14 minutes ago|||

1) To encourage good security practices in the event of compromise or technical improvements. Original '90s "export approved" SSL certificates were only 56-bits. If sites still used those today, they could be easily cracked.

2) To guarantee a recurring revenue stream for TLS/SSL issuers. Originally certificates were $50 to $100/year and there was a big process around renewal and verification. I remember having to fax in corporate paperwork. What a pain!

RIMR 35 minutes ago||||

I bet some guy with a ton of badges on his suit is asking the exact question in some Pentagon boardroom right now.

hugo1789 2 hours ago|||

Since revocation is also a big pain.

k33n 5 hours ago|||

DNSSEC+DANE will fix it. Soon we will have self-signed certificates once again!

icedchai 5 hours ago||

I can't wait. Now I can screw up DNSSEC and take out my entire domain in the process.

fidotron 5 hours ago||

On the one side all the users will need to prove their ID to access websites, and on the website side the site will have to ask permission to continue operating at ever increasing frequency.

That is the future we have walked into.