Expiring SSL certs expected to break smart TVs, fridges, and IoTs


Level 37
Thread author
Top poster
Nov 10, 2017
On May 30th, select Roku streaming channels stopped working, leaving impacted customers clueless with no idea what was wrong.

The company advised those customers to update the devices manually:
"Due to a global technical certificate expiration, select streaming channels on the Roku platform that rely on this certificate chain may not be working as expected. Please install a manual software update from Roku now."

The same day payment platforms Stripe and Spreedly experienced disruptions and blamed it on expiring Certificate Authority (CA) root certificates.

We always knew SSL certificates came with an expiration date, but we didn't plan for the fact it'd be happening this year!
For SSL/TLS encryption to work, the server presents an SSL certificate to the client: an app such as a web browser, or a device. Should a server certificate be approaching its expiration, the sysadmin can easily renew it. However, for the client to "trust" any presented certificate as valid, web browsers, apps, and devices come equipped with a set of pre-installed root certificates issued by a trustworthy CA.