
Manjaro Blames GlobalSign for SSL Cert expiry after not receiving “extension” - andygambles
http://manjaro.github.io/expired_SSL_certificate_update/
======
rmoriz
"Free SSL Certificates for Open Source Projects"
[https://www.globalsign.com/en/ssl/ssl-open-
source/](https://www.globalsign.com/en/ssl/ssl-open-source/)

------
jstanley
What does he mean by "extension"? How can you extend validity of an SSL
certificate? Or is that the point, he's just making stuff up?

~~~
4mnt
You do not ask for an extension of an SSL certificate, but you get a new one
signed with another expiry date.

I think it is theoretically possible to change the expiration date, and ask a
certification authority to sign that new certificate, but I have never heard
of that happening anyways.

------
JosephRedfern
Have the addressed the way they handled the issue, rather than the issue
itself? It's one thing to have an expired certificate, but it's another to
advise people to turn their clocks back to get around the issue...

~~~
andygambles
They have now "renewed" the certificate. However it seems they believed
GlobalSign would issue an "extension".

~~~
Arnt
I read it differently; they thought they could negotiate a renewal free of
charge or at a discount and didn't have a plan B.

------
umurkontaci
Here's another story from manjaro last week:
[https://manjaro.github.io/expired_SSL_certificate/](https://manjaro.github.io/expired_SSL_certificate/)

They have suggested users to adjust their computer time a couple of days
before the expiration to use the site.

They should really start reading about how the SSL works.

~~~
TheCraiggers
I'm getting really tired of seeing them raked over the coals for having the
audacity to even suggest the "time change" work-around. If I remember right
(it has been edited, sadly), changing your time was given as the last possible
work around in a list of 4-5, and was marked as a "last resort" and not really
a great idea.

I think the amount of reaction this story has gotten over the last week is
completely attributed to click-bait headlines that quote that out of context,
by people who only read said headline. This is _not_ worth crucifying these
people over.

~~~
andygambles
It was originally the only workaround offered

[https://twitter.com/servertastic/status/586113649766494208](https://twitter.com/servertastic/status/586113649766494208)

