Certificate expired!!

Tips, tricks and frequently asked questions
DMar
Posts: 10
Joined: 23 Nov 2021, 09:13
Location: France

Re: Certificate expired!!

Post by DMar »

Phil35 wrote: 25 Nov 2021, 09:38 donc valide cf aussi la copie d'écran.

En revanche on peut se poser la question :
Mais pourquoi aller chez GoDaddy.com ? en France y a des "registrars" tout à fait correct. non ?
D'autant plus quand on lit cela date de 2 jours : https://blog.malwarebytes.com/hacking-2 ... reach/amp/ un tel problème de sécurité chez GoDaddy.
Hallucinant pour une telle société :
“It appears that GoDaddy was storing sFTP credentials either as plaintext, or in a format that could be reversed into plaintext. They did this rather than using a salted hash, or a public key, both of which are considered industry best practices for sFTP. This allowed an attacker direct access to password credentials without the need to crack them.
Vu la révélation de Malwarebytes, changer de fournisseur de certificat serait rassurant plutôt que rester chez GoDaddy !
Phil35
Posts: 131
Joined: 27 Dec 2014, 14:45

Re: Certificate expired!!

Post by Phil35 »

@DMar : 100% d'accord
Netatmo Weather Station + External module + Rain gauge + Internal smart cam + presence cam
Brieuc_Netatmo
Posts: 3088
Joined: 02 Jan 2014, 11:20

Re: Certificate expired!!

Post by Brieuc_Netatmo »

Hello everyone,
Thank you for having reported this certificate issue. Be assured we were already alerted and we did everything possible to renew it as fast as we could.
Regarding the usage of GoDaddy to issue our certificate, it's still perfectly safe and let me explain why: there is a difference between the Certificate Authority of GoDaddy and their WordPress services. If there had been a security breach in their CA, the root certificate would have been revoked by the editors which would have made all encrypted connections attempts impossible using a modern web browser.
That being said, we were already aware of that incident at GoDaddy, but our services were not impacted at all. There is no reason to use another Certificate Authority provider.
Brieuc - Netatmo Team
Post Reply

Return to “General questions”