Is anyone else redirected by this url to <a href="https://guce.advertising.com/collectIdentifiers?sessionId=3_cc-session_3982b38b-2de1-484a-98bd-4a0b8635308c" rel="nofollow">https://guce.advertising.com/collectIdentifiers?sessionId=3_...</a> ?<p><a href="https://gfycat.com/fortunateyawningcopperhead" rel="nofollow">https://gfycat.com/fortunateyawningcopperhead</a><p>My router is blocking this domain on DNS level in OpenWRT, techcrunch.com is redirecting me there, so I can't visit this page.<p>Edit: I literally can not visit any techcrunch.com article, all of them redirect me to this doggy ads+tracking domain. It doesn't matter if I came from google, DDG, reddit or HN.
A similar problem with Azure happened way back in 2013: <a href="https://www.computerworld.com/article/2495453/microsoft-s-azure-service-hit-by-expired-ssl-certificate.html" rel="nofollow">https://www.computerworld.com/article/2495453/microsoft-s-az...</a><p>More recently, it happened with Ericsson:
<a href="https://www.theverge.com/2018/12/7/18130323/ericsson-software-certificate-o2-softbank-uk-japan-smartphone-4g-network-outage" rel="nofollow">https://www.theverge.com/2018/12/7/18130323/ericsson-softwar...</a><p>This article has some information about how Let's Encrypt enabled an "automated process that handles renewals":
<a href="https://duo.com/decipher/proposal-to-make-https-certificate-expire-yearly-back-on-the-table" rel="nofollow">https://duo.com/decipher/proposal-to-make-https-certificate-...</a><p>I wonder if such a process should be made an industry standard? Does anyone know if there are any proposals for it?
I am going to seize this opportunity and rant out my angst against Microsoft’s worst product till date.<p>Has anyone even felt that Teams is a heavy app that consumes a lot of time to come alive?<p>Even during calls, the quality is horrible that I don’t even want to describe the pain I go through. There’s strong distortion and voices will never be heard clearly.
There should be a page out there that lists Microsoft outages due to missed certificate or domain expiration. Like that hotmail one long time ago.<p>I would think at this point they would be their own major certificate authority and maybe domain registrar.
Another HN post mentioned that a lot of collaboration sites were down because many people are telecommuting due to the Wuhan virus.<p>I honestly thought this was why Teams was down for me.
This has happened to me enough times to be embarrassing. It seems to happen to other people who you'd think have some sensible way to avoid it.<p>Is there a reminder service out there that specializes in your long-term expiring things? I'm not sure what would be different about it than a regular calendar, but it seems like many of us need something that makes this easier.
It is an interesting side effect of the tenancy of software developers these days that any process that requires action on a > 2 year interval is likely to fail, if the cycle is 5 years or more it will <i>always</i> fail.<p>The turnover insures that nobody in the department was there when the process was started/last interacted with, and so it is off the collective organizational radar so to speak.
I'm actually curious: Is there a market for a SaaS which simply keeps track of certificates and when they expire? (Perhaps even with an auto-Deploy new certificate mechanism?)
They tweeted that it was an <i>authentication</i> certificate. I.e., probably not a regular TLS domain certificate or similar (still could be TLS client cert though), but probably more like a certificate/key that one service used to log into another. A lot of microservice/container/kubernetes setups use them for all kinds of stuff, which is really a big step forward over password logins.<p>Not like it matters, but it kinda does, because those tend to be private and internally generated, and not necessarily signed by an external certificate authority.
I'm going to shamelessly plug my project, Certera, here. It handles monitoring/tracking, cert issuance and renewals and helps larger organizations manage their certificate needs more consistently.<p><a href="https://docs.certera.io" rel="nofollow">https://docs.certera.io</a>
Amazing. A company like Microsoft could afford to hire an entire department to do nothing but make sure certificates don't expire, but this still happens.<p>Jokes aside, I don't understand how this problem hasn't been solved in the general case.
Does anyone know what endpoint's certificate had expired?<p>Would be interesting what CA they used for it and if it's a SAN certificate.<p>Edit: here's the certificate log of the teams subdomain but I couldn't find the one that expired today in it
<a href="https://crt.sh/?q=teams.microsoft.com" rel="nofollow">https://crt.sh/?q=teams.microsoft.com</a>
Just listening to the number of complex shenanigans experienced sysadmins have to employ to keep up with the demands of managing HTTPS makes me wonder how on earth your average non-technical DIY static site developer has a chance in hell of keeping his site from failing modern browsers' requirements. Universal HTTPS is a bad joke.
Our HTTPS overlords have much to answer for. How many static sites, for example, really need HTTPS and the non-trivial maintenance involved in the average Apache/Letsencrypt/certbot setup? Talk about sledge-hammer to crack a nut. And renewals every 3 months?! Don't get me started. Sure, the likes of Microsoft should be able to do better but isn't there a message here? Beyond secure sites such as finance, government, logins and ecommerce the whole HTTPS certificate nonesense is a giant burden/cost with no benefit.
when getting a site/API on its feet, enabling https and the cert is usually the last thing to get done and an afterthought. Certs are easy to forget about but when they expire they shut.down.everything.
Teams is great improvement over Skype for Business, which was great improvement over Lync, but it's still garbage. Interesting how the same company also made awesome VSCode.