As the US government shutdown rolls on, numerous TLS certificates expire, leaving sites inaccessible
With the US government shutdown in its third week, President Trump continues to try to convince both his own party and the Democrats to agree to fund one of his campaign promises -- a wall on the southern border.
So far, the shutdown has seen national parks and more left unstaffed, and today is the first payday on which hundreds of thousands of federal workers will not receive a paycheck. Another side effect of the shutdown is that numerous government websites are offline as their TLS certificates have expired, and no one is available to renew them.
Among the agencies whose websites are affected are NASA, the US Department of Justice, and the Court of Appeals. In all, some 80 or more TLS certificates have expired, and this has left many sites inaccessible to the public, according to Netcraft.
The problem affects dozens of certificates relating to .gov domains, and the failure to renew them means that visitors -- depending on the browser they are using -- may be blocked from accessing the sites completely, or could be met by security messages warning about visiting an insecure, potentially dangerous site.
As noted by ZDNet:
Government websites are dropping like flies, with no one being on hand to renew TLS certificates.
Websites with expired certificates where admins followed proper procedures and implemented correctly-functioning HSTS (HTTP Strict Transport Security) policies are down for good, and users can't access these portals, not even to browse for basic information.
Government websites with expired TLS certificates but which didn't implement HSTS show an HTTPS error in users' browsers, but this error can be bypassed to access the site via HTTP.
Nevertheless, visitors are warned not to log in or perform any sensitive operations on these sites, as traffic and authentication credentials aren't encrypted and could be intercepted by threat actors.
It is not clear when the certificates will be renewed and, unless the shutdown comes to an end soon, it's likely we'll see more problems with other government websites.