Comment by lima

3 years ago

Perfectly pulling off an actual MitM attack and then forgetting to renew the certificate is certainly a very German thing :-)

I wonder if someone didn't "forget" on purpose, so that people learn about it.

Or, someone very diligently followed the orders - there was an order to set up a cert, but there was no requirement that it has to auto-renew :)

  • It was claimed to have been running for 6 months so it must have renewed certs at least once - LE certs are good for 90 days.

  • Any sanely designed covert transparent proxy software will automatically stop proxying when the certificate expires.

    I wonder why this didn't.

No, the German thing would have been to have the printout of the telefaxed scan of the court order collecting dust because the scanner in the receiving department is broken...