Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Looks like they tried to rotate the cert, maybe due to the private key leak. But instead, they rolled the wrong expired key to all content domains.


I'm more thinking the new host key prevented SSL cert rotation from happening properly


Maybe, but only if they're refreshing certificates less than a day before expiry. Which isn't ideal.




Consider applying for YC's Summer 2026 batch! Applications are open till May 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: