from Hacker News

Nvd.nist.gov cert expired yesterday and uses HSTS

by SuperSandro2000 on 9/2/24, 9:25 AM with 8 comments

  • by Rygian on 9/2/24, 1:57 PM

    Fails to load on my end right now. Firefox says:

    "nvd.nist.gov has a security policy called HTTP Strict Transport Security (HSTS), which means that Firefox can only connect to it securely. You can't add an exception to visit this site.

    (...) there is nothing you can do to resolve it."

  • by Jerrrrrrry on 9/2/24, 6:27 PM

    The fact that certificates for .gov's can still (due to procedural laziness) expire on a federal holiday without even a third party automated tweet to even notify the responsible or affected parties is a pure Kafka-eqsue tragedy when considered of the statistical inevitability that someone, somewhere, will lose their life to the coincidental crossroads of technical and bureaucratic err.

  • by dayofthedaleks on 9/2/24, 2:40 PM

    Some of the site's infrastructure is using an expired cert referencing letsencrypt R3 and other bits are serving a working cert at letsencrypt R10. Broken ACME updates maybe.

    This can be so hard to get right! But I guess an automation oopsie is a step up from the need for spreadsheets, NMS checks, calendar reminders, and still having things expire once turnover erodes institutional knowledge.

  • by pimlottc on 9/2/24, 1:52 PM

    Seems to be valid now.