Posted: Sun Aug 20, 2023 13:02 Post subject: The certificate for download1.dd-wrt.com expired on8/20/2023
It looks like let's encrypt certificate for download1.dd-wrt.com has been expired.
Please PM me if you need advice on automatically renewing those as well as DNS valid card certificates and EC Keys _________________ Several NetGears with Broadcom and with Atheros
Mode: RIP2 Router, 2G/5G radios are active, Routed WiFi multiple SSID's/separated by IP subnets.
Remote Syslog, NTP, IPv6 management, WireGuard routed Site-2-Site VPNs
That's fine for Let's encrypt certificates. They do encourage frequent renewals/automation. _________________ Several NetGears with Broadcom and with Atheros
Mode: RIP2 Router, 2G/5G radios are active, Routed WiFi multiple SSID's/separated by IP subnets.
Remote Syslog, NTP, IPv6 management, WireGuard routed Site-2-Site VPNs
Your certificate (or certificates) for the names listed below will expire in 7 days (on 2023-mm-dd). Please make sure to renew your certificate before then, or visitors to your web site will encounter errors.
We recommend renewing certificates automatically when they have a third of their total lifetime left. For Let's Encrypt's current 90-day certificates, that means renewing 30 days before expiration. See https://letsencrypt.org/docs/integration-guide/ for details.
_________________ Router: Asus RT-N18U (rev. A1)
Drink, Blink, Stretch! Live long and prosper! May the Force and farces be with you!
The problem should be resolved please clear browser cache (CTRL+F5)
Is it fixed? Both links in the mwchang post two posts before yours give me errors in bing (a browser I never use so nothing is cached). The first link should end with .com not .coms .
Joined: 06 Oct 2011 Posts: 29 Location: Belfast, Ireland
Posted: Thu Aug 24, 2023 0:38 Post subject:
I've found that https://ftp.dd-wrt.com works, ish... It still gives a cert expired error, but you can add an exception for it as it's not using HSTS, whereas https://download1.dd-wrt.com is using HSTS, so no way to override
Depends on browser used, among other things (?). Epic doesn't balk on either so much. Chrome 116.0.5845.111, same. Edge, same. Firefox ESR and Quantum, same. Only SRWare Iron (on Linux, which is 113.x.x.x) is the one acting funny for us here. Windows version (115.0.5850.0) doesn't seem to be doing it at the moment. _________________ "The woods are lovely, dark and deep,
But I have promises to keep,
And miles to go before I sleep,
And miles to go before I sleep." - Robert Frost
"I am one of the noticeable ones - notice me" - Dale Frances McKenzie Bozzio
Joined: 26 Mar 2013 Posts: 1858 Location: Hung Hom, Hong Kong
Posted: Thu Aug 24, 2023 6:54 Post subject:
kris18890 wrote:
I've found that https://ftp.dd-wrt.com works, ish... It still gives a cert expired error, but you can add an exception for it as it's not using HSTS, whereas https://download1.dd-wrt.com is using HSTS, so no way to override
Better change the download links of future build notices to reflect this??
If the certificate was for "dd-wrt.com", why did "https://ftp.dd-wrt.com" work but not "https://download1.dd-wrt.com"? Were they using different certs?
I'll add to the email clutter that is surely already in Sir BrainSlayer's inbox.