Jump to content

GitHub breaks site layout after forgetting to renew certificate

Recommended Posts

This morning, GitHub's pristine layout vanished off of the repository, in what looks like a miss on the company's part in renewing an SSL certificate.





Soon, reports emerged all over the internet from users who had to endure a broken GitHub experience.


The expired certificate prevented numerous resources like images, JavaScript, and CSS stylesheets from correctly loading on GitHub.

Expired CDN certificate breaks UI, wreaks havoc

Masiur Rahman Siddiki, a web developer tweeted to GitHub, "Seriously ?? Your CDN's SSL Expired ? How on earth is that possible ?"


Content Delivery Networks (CDNs) comprise distributed sets of servers, separate from the main website's server which are strategically placed at different geographical locations.


This is done to optimize performance, speed, and delivery of content like videos, images, and other web resources. 


For example, while the main github.com server may be hosting the text you can read on the website, the images, stylesheets, and JavaScript files may be coming from a completely separate CDN server, depending on your location and other factors.


Because https://github.com is hosted on a secure server with a valid SSL certificate, the website would not automatically pull images from a CDN with an expired SSL certificate, without throwing warnings, or in some cases breaking the website's UI altogether. This is called mixed content problem


Siddki provided a screenshot of the SSL certificate issued to GitHub's CDN, github.githubassets.com.


The SSL certificate was valid only until November 2, 2020, 7:00 AM ET, after which multiple user reports started emerging on Twitter and Reddit.




GitHub's CDN SSL Certificate had expired today breaking parts of the site
Source: Twitter


Because of this problem, github.com would show text, links, and thumbnails fine, but was devoid of its rich UI, stylesheets, and scripts that make the open-source repository look whole. 


Software developer Janne Varjo tweeted to the company too, stating GitHub had experienced a downtime of about 30 minutes:


"@github's *.githubassets.com SSL cert expired earlier today. The downtime of that domain was about 30 mins until the new cert was deployed. 

I was able to send a comment to an issue with all the frontend assets missing. Does YOUR webapp work without frontend assets? Should it?"



GitHub pages show limited styles and visual graphics due to expired CDN certificate
 Source: Twitter


New certificate deployed, SSL blunders on the rise

As confirmed by BleepingComputer, a new certificate has been installed today on the github.githubassets.com domain to remediate the issue.




New certificate issued today, expires November 2021
Source: BleepingComputer

This new certificate will, however, expire in November 2021. 


We can only hope GitHub will remember and not repeat the mishap next year, leaving millions of its users confused.


As more and more web technologies and IoT devices move towards increased security and an "HTTPS everywhere" approach, workflows and processes need to be revised across industries to minimize any inconvenience to customers.


Last week, HP users (myself included) around the world were left unable to print from their Apple devices after their printers' certificates were magically revoked.


Earlier this year, Roku TV channels had ceased to stream after a global certificate expiration issue left consumers in limbo.


While renewing an expired SSL certificate is an easy task, the expirations do cause outages that could have been entirely preventable through adequate planning.




Link to post
Share on other sites

That's Microshit for you!

  • Like 2
Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Create New...