Tested with 1 machine w BOINC 7.22.2 new cert file windows 10, was successful at uploading but some boxes still have error.
OK. So remoted into a windows 10 21h1 machine (ivybridge#4) with BOINC 7.16.20 , new crt file, would not upload. Updated BOINC to 7.22.2, did upload, even with OLD .crt it came with. Replaced with new .crt, still successful. Update to 7.22.2 is solution but why.

Looks like BOINC 7.20 and newer uses Windows Trusted Root Certification Authorities store instead of local crt, YET it came with a crt. Newest crt on Github ( https://github.com/BOINC/boinc/blob/master/curl/ca-bundle.crt) and i assume same on BOINC page ( https://boinc.berkeley.edu/ca_bundle.php) yup same MD5 (06b9102fcb5931f1ecc87e898a4f89da) have issue with Asteroids.
Explains 7.20+ uses WTRCAS; https://boinc.berkeley.edu/forum_thread.php?id=14963

I think easiest 4 me is to abort my work and suspend project on farm until if need arises 4 more compute (u guys got it covered) rather than using WTRCAS of old Windows 10. all other projects are working fine. Linux issues, carry on! sorry 4 hijacking.

The server admin has to fix the secondary certificate issue on his side. Nothing can be done but wait it out.

Hi Keith, Is the server manager aware of this problem as far as you know?

---

Look at https://asteroidsathome.net/boinc/forum_thread.php?id=1154&postid=9154

I have sent a PM asking if they are aware.

Asteroids app developer has tried to contact the server admin but has never received any response or acknowledgement of said contact. So no response from admin yet. So we continue to be stuck with no way to contact project, report tasks or request more without using the workaround. And no external stats site can show any stats either still of completed work or updated stats.

---

A proud member of the OFA (Old Farts Association)

Trying to get a work-around working on my old Macos cruncher. I installed the cert but BOINC still can't connect.

Did I install the right cert?
I did the top one in this list: https://repo.harica.gr/rep_dyn.php

https://repo.harica.gr/certs/EACP-Root.pem
^
I'm still getting "transient HTTP error"
And "SSL peer certificate or SSH remote key was not OK"

I did add the cert correctly (as you do in macos) and then went back in and explicitly told keychain access to always trust the cert. In the keychain app, it went from red 'error' to blue 'ok'

From earlier post in this thread you need the intermediate cert.
https://www.uni-muenster.de/CA/harica-rsa-server-2025.crt

---

Paul.

Well, in the last hour or so something MAY have changed - I was able to upload and report fifteen task, which are now sitting awaiting validation.

Yes, here to.
Since about 1 1/2 hour it seem to work. There where several WU's downloaded on my two Ubuntu's and they are running now. Very hopefully!
:-)
Good work!

---

No change here, still can't contact servers,

Transient HTTP error and certificate problems on 4 of my Linux machines.

One does work as it has a different Boinc Client version

it all worked up till the 17th of September then stopped.

Conan

No change here, still can't contact servers,

Transient HTTP error and certificate problems on 4 of my Linux machines.

One does work as it has a different Boinc Client version

it all worked up till the 17th of September then stopped.

Conan

Same here.
I think this explains the problem:
https://asteroidsathome.net/boinc/forum_thread.php?id=1148&postid=9222
but I'm running the latest version in the repo, which is 7.16.

add the gianfranco PPA and install a newer BOINC client.

even with some updated certs, you still have things like SSL versions that are compiled into the BOINC client and cant be added a la carte like the certs can be.

---

Why should we update BOINC when the old certificate (as of the 17th September 2025) worked fine with the BOINC versions I already have.

Can't that certificate be added back in? Then all would be fine as it was before

It is not going to be easy for me to upgrade the Berkeley installed versions I have.

I like the way it is installed (with the Berkeley installer), I don't like the distribution installed versions as they stick stuff everywhere and I lose direct control over the way things are installed and looked after.

Conan

I dont think it's going to be possible to explain all the intricacies of the certificates and how they work to satisfactorily answer your question.

the old cert expired it cant be used anymore.
using the new cert may need a newer version of SSL
SSL is compiled into BOINC, not a separate package.

you may need to bite the bullet and upgrade at this point. as other projects update their certificates you may start to see other projects requiring the same kind of updates eventually. Einstein just posted something about this yesterday.

you could always pull the code from their github, compile the client yourself and just replace the boinc client executable. leaving everything else in-place.

---

Problem solved for my old BOINC clients by following these instructions:
https://boinc.berkeley.edu/ca_bundle.php

I found the BOINC directory (/var/lib/boinc) contained a symlinked .crt file:

lrwxrwxrwx 1 boinc boinc 34 Jun 18  2019 ca-bundle.crt -> /etc/ssl/certs/ca-certificates.crt

I renamed it ca-bundle.crt.old before downloading the new bundle with wget:

sudo mv ca-bundle.crt ca-bundle.crt.old
sudo wget https://boinc.berkeley.edu/ca-bundle.crt
sudo chown boinc:boinc ca-bundle.crt

Then I restarted BOINC (by rebooting :)).

I can confirm that this worked on my systems as well.

Thanks!

Thanks Ian&Steve C. I will probably have to bite the bullet one day, just not today, I have been given a reprieve.

Thank you Brummig that link works a treat and I can now talk to Asteroids again

All 4 computers have now contacted the project.

Thanks to all

Conan

I upgraded two lesser used computers to boinc 8.2.8 from I think 8.2.5 a week or two ago and they haven't been able to access the server since.

I just tried adding the certificate manually but that doesn't seem to work. These systems aren't that old either. Formerly I was only having trouble on older machines. These two are on Monterey and Ventura.

If I tried anything besides adding the cert to the system, I didn't write it down I guess because. Any tips to get this working again? I have a bunch of completed work thats already expired :(

Downgrading back to 8.2.5 fixed the problem for me.

BOINC should use system certificates since version 7.20.0
https://github.com/BOINC/boinc/commit/85b9494d96161cd0800efb6c254b3a4573df860b

If reverting from 8.2.8 to 8.2.5 resolves the problem and the website is accessible from a web browser, then the issue is likely within BOINC (macOS version) and should be addressed there.

There was a recent change in BOINC 8.2.6 that may have caused the issue https://github.com/BOINC/boinc/commit/420ba06465e16510a5f8a320718d70601f8ed308