Pulse of Truth

354 readers

107 users here now

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

founded 11 months ago

MODERATORS

[email protected]

Microsoft hits snooze again on security certificate renewal (go.theregister.com)

submitted 3 months ago by [email protected] to c/[email protected]

2 comments fedilink hide all child comments

Seeing weird warnings in Microsoft 365 and Office Online? That'll be why Microsoft has expiration issues with its TLS certificates, resulting in unwanted security warnings.…

top 2 comments

sorted by: hot top controversial new old

[–] Bookmeat 4 points 3 months ago (1 children)

It's called Let's Encrypt. Holy shit, get with the fucking programme, Microsoft.

[–] [email protected] 5 points 3 months ago

They're their own certificate authority and they let their intermediaries expire too. It's partially automated they just don't monitor it. Similar to when your certbot reports it couldn't renew because of whatever reason, maybe dns validation failure or whatever. It usually tells you like 30-60 days before expiry and there's lots of time.

Microsoft has both the tools and knowledge and still doesn't get them all. Every year. One time it blocked mfa and login services. Sometimes it's just teams. It's like they just figured instead of staff monitoring they figure user feedback like their insider program is just cheaper.