PSA: BoardGameGeek.com's encryption certificate has expired

If your web browser is warning you that https://[www.]boardgamegeek.com is insecure, this is why.

Their admins will likely be feeling foolish for having forgotten about that date, but this is a pretty common blunder, and I would expect it to be resolved in the near future.

4 Likes

…and it’s fixed already.

3 Likes
2 Likes

It happens. Stuff that is not automated gets postponed or forgotten.

Yes indeed. This thread was just to try to prevent anyone who couldn’t tell what was going on from getting concerned (although I’d not have bothered if I’d known that it would get sorted as rapidly as that : )

Your comment also made me think of today’s xkcd : )

1 Like

Of the various pieces of software I’ve released to the world, the one that’s got most feedback from people actually using it is a Nagios/etc. monitoring plugin that connects to your SSL service and warns you about cert expiry (and a few other things).

I think this is the genius of Let’s Encrypt: by making the renewal every two months or so rather than every five years, they give you a direct incentive to make it as painless/automated as possible and you get reasonably frequent practice at doing it.

2 Likes

Yes, Letsencrypt is great except I was unable to automate it completely in my current setup because I am using the DNS server my domain provider provides and was unable to create a local configuration that satisfies letsencrypt. I know it is possible I am just not good enough to do it.

My new server still languishes somewhere in the land of „when I find the energy for it“ and I expect I will automate it by then.

1 Like

But at least when it comes up you say “aha, this is the same as the thing I did two months ago” rather than “oh crap, I need to find the documentation I meant to write in 2017”. :slight_smile:

1 Like

Story of my life :laughing:

2 Likes

A backup that you have to kick off by hand isn’t a backup, it’s an aspirational statement.

3 Likes