iOS app not loading - ADDTrust External CA Root Expiration issue - 05/30/2020

GREAT NEWS!

Looks like we’re back up and running :slight_smile:

2 Likes

I was able to log back in within the iOS app everything is up and running again thank you Rachio

1 Like

back… let it rain

1 Like

Yep. Seems to be working again.

Still can’t get my rachio to come online. It says offline still. This issue isn’t fixed. And their support was supposed to call me back.

tl;dr - This was the cause of iOS not able to connect.

https://calnetweb.berkeley.edu/calnet-technologists/incommon-sectigo-certificate-service/addtrust-external-root-expiration-may-2020

:cheers:

1 Like

i needed to keep my sprouting seedlings moist and tried to go in manually and was getting that same error.
After looking through a couple of logs and trying to reset the controller I found where you guys are trying to address it.
Right then my sprinklers kicked on and I thought hey, it’s fixed.
When I tried to go in and turn off the ones that were running so I could turn on the ones I wanted, I was still getting the error.
That’s when I realized that it came on with the automatic schedule.
So, at least there is that.

1 Like

Yep, success!
Back in business!! Thx!!

You’re welcome :wink:

I was dealing with the same issue at work.

I just went to the application and did not appear to have a problem. I will continue to check it out. I am on the latest iOS version 13.5

Oh fun, can I ask what system(s) were impacted? Whatever details you can provide. So strange Android worked fine, and our team was completely unaware of this change coming. Everything I’m now reading says “You probably won’t be impacted”. I guess we are that small part of probably.

:cheers:

Mostly affected Intermediate certs in the cert chain provided by network solutions (for us) on AWS or Linux Hosts that used legacy auth. Even if we had upgraded certs in the chain they would fail on the expired cert. From what I understand this cert is a 30 year cert (Add to your calendar:) ). our godaddy certs were unaffected.

windows uses the modern “USERTrust” root certs and nothing is needed. the systems with the older USERTrust (like the linux aws machines) have issues

you could have tested it by running this from linux
openssl s_client -showcerts -connect subdomain.domain.com:443

cert provide (network solutions?) needed to let clients know that the intermediate certificate that was issued and controlled by Sentigo will expire today impacting some downstream applications that are not browser based may experience issues.
Not sure why it didn’t affect android? Different certs?

2 posts were split to a new topic: Controller running, zones not turning on

Thanks for that rundown! Yeah, we never got the memo :smile:

We created a new cert chain with https://www.tbs-certificates.co.uk/FAQ/en/USER-Trust-RSA-Certification-Authority.html, deployed to our servers and magic happens. This one expires in 2028 :wink:

Fun morning for sure!

Thank you everyone for your patience.

:cheers:

Good to hear. Yes we are in a change freeze this week. Well surprise!

Change free, until its not!

:cheers:

1 Like

2 posts were merged into an existing topic: Controller running, zones not turning on

A post was merged into an existing topic: Controller running, zones not turning on