US .gov sites dropping like flies as certs expire

By

Scuppered by government shutdown.

An increasing number of United States government websites are becoming inaccessible as their Transport Layer Security (TLS) digital certificates expire and aren't being renewed at departments closed down thanks to lack of funding.

US .gov sites dropping like flies as certs expire

Internet performance metrics site Netcraft reported that the number of expired TLS certificates used by US government websites had jumped to from 80 last week to 130 currently.

Expired TLS certificates means modern web browsers such as Mozilla Firefox, Apple Safari and Google Chrome warn users that their connections are not secure and refuse to load the sites in question.

While users can in some cases elect to click through the warnings and blocking interstitial pages to load sites via clear-text, unencrypted connections, this isn't always possible.

Sites that are "pinned" in the preloaded HTTP Strict Transport Security (HSTS) list for browsers will refuse to serve up clear text versions of web pages. This leaves the site in question completely inaccessible. 

Netcraft pointed to https://manufacturing.gov which is used by the Trump administration to promote US manufacturing as example of a "dead in the water" site that will not load with an expired TLS certificate, as it's listed in the HSTS policy.

Other US government web properties affected by expired certificates include a White House subdomain, along with sites belonging to the Federal Aviation Authority, Department of Agriculture, the National Archives and remote access sites.

The US government shutdown started just before Christmas after president Donald Trump and Congress lower house failed to reach an agreement on the appropriations bill for funding the administrative agencies for 2019.

Trump had demanded but failed to gain US$5.6 billion in funding to build a wall between the US and Mexico. The US president said he will veto any appropriation bills that do not have funding for the wall, resulting in the a quarter of government being shutdown and 800,000 employes being locked out of their workplaces.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
governmenthttpssecurityshutdowntlstrumpunited states

Sponsored Whitepapers

See everything. Do more.
See everything. Do more.
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Diamond IT Delivers GRC Transformation with Microsoft Purview
Diamond IT Delivers GRC Transformation with Microsoft Purview
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy

Events

Most Read Articles

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound
Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies
Australia's super funds told to assess authentication controls

Australia's super funds told to assess authentication controls
India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?