AutoHotkey Community

Posted: **30 Sep 2021, 11:46**

People are reporting warnings in Firefox and Chrome about a potential safety issue because of an expired certificate (in 2017) if they want to visit the archived forums.
For example,
https://autohotkey.com/board/
https://autohotkey.com/board/topic/95834-using-winwait-effectively-or-how-else-should-i-execute-an-action-when-a-pop-up-window-appears/#entry603588
and so on...

: saftey issue.png (36.16 KiB) Viewed 4014 times

DeepL translation:

Warning: Possible security risk detected

Firefox has detected a problem and failed to load autohotkey.com. Either the website is set up incorrectly or the date and/or time on this computer are not correct.

The site's certificate has probably expired, which is why Firefox cannot establish an encrypted connection. If you visit the website, attackers might try to steal passwords, emails or credit card information.

What can you do about it?

Most likely, the problem is caused by the website and there is nothing you can do about it. You can notify the website administrator about the problem.

More information...

Websites confirm their identity by means of certificates, which are valid for a certain period of time. The certificate for autohotkey.com expired on 8/31/2017.

Error code: SEC_ERROR_EXPIRED_CERTIFICATE

Show certificate

Translated with www.DeepL.com/Translator (free version)

Posted: **30 Sep 2021, 12:00**

The problem is affecting more than just the archived forum.

URLs with and without 'www.' are failing for the archived forum:
· https://autohotkey.com/board/
· https://www.autohotkey.com/board/

URLs with 'www.' are working, but without 'www.' are failing, for other cases:
· https://autohotkey.com/boards/
· https://www.autohotkey.com/boards/
· https://autohotkey.com/boards/viewtopic.php?f=6&t=65095
· viewtopic.php?f=6&t=65095
· https://autohotkey.com/boards/search.php?search_id=active_topics
· search.php?search_id=active_topics
· https://autohotkey.com/docs/commands/
· https://www.autohotkey.com/docs/commands/

All of those URLs were working a few days ago.
EDIT: A log file I have indicates that the change occurred between 19:30 and 19:45 UTC on Wed 2021-09-29.

The problem is also happening in IE.

The problem may be due to incorrect redirect rules in the .htaccess file.

Posted: **30 Sep 2021, 12:04**

Its a global issue with old lets encrypt root certs. Not just ahk page

https://www.heise.de/news/Let-s-Encrypt-Zertifikate-Ruckler-am-30-September-moeglich-6201155.html

Posted: **30 Sep 2021, 12:16**

this makes no sense whatsoever. certificates are not supposed to affect paths

Posted: **30 Sep 2021, 12:28**

https://www.borncity.com/blog/2021/09/30/lets-encrypt-zertifikate-rger-mit-windows-sophos-utm-macos-ios-30-9-2021/
(Engl Translation is coming soon)

Todo in short:
* Renewing the certificates on the server causes the chains to be rebuild and fixes the issue
* rebooting the server causes the chains to be rebuilt and also fixes the issue.

Posted: **30 Sep 2021, 12:31**

Nothing broken here yet, but maybe just a matter of time before it breaks...
@jNizM Thanks for sharing.

I've been using just google translate, as my technical German is not good
https://translate.google.com/translate? ... 30-9-2021/

Posted: **30 Sep 2021, 12:33**

Thousands of websites all over the world have just the Probelem with Lets Encrpyt certificates and these root certificates.

If it is a global problem:
A) DNS
B) Certs
C) Backbone

Posted: **30 Sep 2021, 12:35**

This feels a bit reminiscent of the heartbleed bug: https://heartbleed.com/

Posted: **30 Sep 2021, 12:37**

First of his posts are now in Engl
https://borncity.com/win/2021/09/30/sept-30-2021-will-we-see-trouble-with-old-lets-encrypt-certificates/

2nd Post:
https://borncity.com/win/2021/09/30/lets-encrypt-zertifikate-rger-mit-windows-sophos-utm-macos-ios-30-9-2021/

Posted: **01 Oct 2021, 01:06**

Description of the problem
https://scotthelme.co.uk/lets-encrypt-old-root-expiration/

Posted: **01 Oct 2021, 01:32**

thanks. i was working on it earlier but certbpt now requires snapd which isnt supported on our app server. ill finish the rediculous workaround tomorrow

Posted: **01 Oct 2021, 10:00**

yep just got this today on the archive forum

Posted: **02 Oct 2021, 01:40**

at about 9:30 is pm -6 gmt the entire site went down.
i was dealling with some rather emotional family drama at the time so i apologise for the delay
I will work on a full debug of the issue and attempt proper resolution later

Posted: **02 Oct 2021, 02:08**

all errant non www links should autocorrect now
cert issues should be resolved

Posted: **02 Oct 2021, 08:53**

Yes, the certificates problem seems gone. Thank you!

Unfortunately, I still see a lot of connection timeouts - the forums are hardly usable for me right now.
A few fast page loads alternate with a multitude of very slow loads and timeouts.

Posted: **02 Oct 2021, 13:35**

even bank of america is experiencing massive outages i just read this morning
his seems to go way beyond the known letsencrypt root CA issue that was publicized

Posted: **05 Oct 2021, 23:39**

tank wrote: ↑
02 Oct 2021, 13:35
even bank of america is experiencing massive outages i just read this morning
his seems to go way beyond the known letsencrypt root CA issue that was publicized

Certificate problem persist for me, idk why

Posted: **05 Oct 2021, 23:49**

they persist for some and not others. days ago it was intermittent for me now works every time
CA changes have been comming for a long time and kicked down several times over the years but most blogs said it would only be old OS's browsers affected.
I keep looking at related blogs and the issues are affecting even large tech companies sites. everytime i find something someone has tried i do attempt the same patches

Posted: **06 Oct 2021, 00:45**

Let's Encrypt - Certificate Compatibility List -> https://letsencrypt.org/docs/certificate-compatibility/

Posted: **06 Oct 2021, 00:47**

yea im aware ii took the recomendations already

AutoHotkey Community

'Expired Ceritificate' warnings for archived forums

'Expired Ceritificate' warnings for archived forums

Re: 'Expired Ceritificate' warnings for archived forums

Re: 'Expired Ceritificate' warnings for archived forums

Re: 'Expired Ceritificate' warnings for archived forums

Re: 'Expired Ceritificate' warnings for archived forums

Re: 'Expired Ceritificate' warnings for archived forums

Re: 'Expired Ceritificate' warnings for archived forums

Re: 'Expired Ceritificate' warnings for archived forums

Re: 'Expired Ceritificate' warnings for archived forums

Re: 'Expired Ceritificate' warnings for archived forums

Re: 'Expired Ceritificate' warnings for archived forums

Re: 'Expired Ceritificate' warnings for archived forums

Re: 'Expired Ceritificate' warnings for archived forums

Re: 'Expired Ceritificate' warnings for archived forums

Re: 'Expired Ceritificate' warnings for archived forums

Re: 'Expired Ceritificate' warnings for archived forums

Re: 'Expired Ceritificate' warnings for archived forums

Re: 'Expired Ceritificate' warnings for archived forums

Re: 'Expired Ceritificate' warnings for archived forums

Re: 'Expired Ceritificate' warnings for archived forums