All IDA users that rely on the Lumina service.
IDA has a relatively simple method for checking the server certificate
that it receives when connecting to the
That method was fine as a first shot, but we are now fast approaching the date of October 10th, 2019, which will invalidate the one-year-validity period of the certificate that IDA relies on.
Yes, it means just that: IDA will receive the certificate from the
lumina.hex-rays.com server, but even before being able to perform
its own checks, the basic validation performed by the lower-level
libssl) will fail due to the certificate having expired.
Yes. We knew this day would happen since the beginning, and until we
implement a more traditional certificate chain validation (à la web
browser), we have left open the possibility to provide an additional
certificate to IDA, in the form a
On October 10th, 2019, if you ever notice that IDA fails to contact
lumina.hex-rays.com host, please:
%APPDATA%\Hex-Rays\IDA Pro(on Windows), or
~/.idapro(on Linux & OSX)
and you should be good to go.
We intend to implement a proper certification chain mechanism (similar to what browsers do), which is considerably more flexible, but that will be for a later version of IDA. The existing installations will need to use the provided certificate file as a workaround.