SSL cert for https://downloads.vscodium.com is signed by invalid authority #2288
Comments
trisweb
changed the title
|
The vscodium.com domain appears to have expired and DNS NS has switched from registrar-servers.com to bodis.com. |
|
Not good at all! I've sent an email to @PalinuroSec. (He has the control on the domain name and he's the team leader of ParrotSec) @bdube Thx for catching the domain name expiration... |
|
|
|
The domain now appears to be blocked by the ADGuard list. |
Not the domain itself, but the |
|
Last year, we had the same issue, it took several days to get it sorted out (#1840) |
|
Oops, I created a kind of duplicate: |
So we can expect one or more repetitions in the future. This bodes well. |
|
still occurs! |
Just a bit curious, but how could this happen? Is automatic domain renewal not activated maybe? |
|
we had an issue with out card that refused all the renewals for our infra, including the vscodium domain. maintaining the domain and the download cdn for this project is a form of donation i'm committed to and a reason to be proud of, but these small incidents have a big impact to the project and i'm very sorry for that. now the domain got renewed correctly and works again for me, please let me know if the new records are working again for you as well. p.s. |
yes, auto-renewal is on. the reason why the payment was declined is to be investigated, as the balance was there and the renewal went well the previous years. also we got no email alert from namecheap except for one message that went to spam for failed domain verification |
|
Thanks @PalinuroSec, it happens. I'd chip in for 5 years if you want to just put some insurance on it for a while. |
|
that would be nice. |
Another one I can recommend is porkbun! It also has the ability to share the access with other users :) ! |
Hi all,
That said I see @trisweb has committed to fund 5 years of domain registration — could you/@VSCodium consider a project/foundation/parent group to actually collect even lower donations and track them so that this never happens again (while VScode is relevant). Maybe even @microsoft would be open to support it? |
|
For those interested, I've made a new repo for Linux. Please read #2296. Thx |
Thats IMO the most logical idea so far to smooth stuff out and security. I see for now only advantages if we don't ask for the price. |
Describe the bug
The current SSL certificate for https://downloads.vscodium.com was created on March 29th, 2025, and expires on the same in 2026, however the certificate authority is invalid and untrusted by most clients.
"net::ERR_CERT_AUTHORITY_INVALID"
Please confirm that this problem is VSCodium-specific
Please confirm that the issue/resolution isn't already documented
To Reproduce
Steps to reproduce the behavior:
Alternatively, update from the mirrored debian repository hosted on https://downloads.vscodium.com/ and see error:
Expected behavior
Self-expanatory
The text was updated successfully, but these errors were encountered: