Plugin Manager site unreachable - SSL Certificate Expired



  • I attempted to access the Notepad++ plugin manager from the notepad-plus-plus.org website. The link took me to https://bruderste.in/npp/pm/, but Firefox refused to open the page because the SSL Certificate expired on January 20, 2019.

    1. Is bruderste.in the correct site for the plugin manager?
    2. If so, can the SSL cert be updated?
    3. If not, can the link on the notepad-plus-plus.org site be updated?

    Thanks!



  • @RichDempsey: welcome to the Notepad++ Community

    You asked about the plugin manager

    What version of Notepad++ do you have? If it’s v7.6 or newer (the current version is 7.6.6), you do not need and should not use the Plugin Manager – use the builtin Plugins Admin (Plugins > Plugins Admin…) instead.

    The old Plugin Manager – which was developed by an external entity, not by the Notepad++ developer – is only useable for v7.5.9 and earlier; it is not compatible with v7.6 and newer. I did a quick look on the official notepad++ site, and the only links I could find to the bruderste.in domain were either in the super-out-of-date NpWiki++, or in the forum itself – and all of those were http:// links, not https:// links… so a redirect is probably going on. Pages in the NpWiki++ are not actively maintained. If there’s a page in the main notepad++ website (not the forum or the NpWiki++) that mentions that, let us know the URL.

    That said, if you are on an older version of Notepad++ (v7.5.9 or earlier) and don’t want to upgrade, you can still have access to the old Plugin Manager. You can either tell your browser to ignore the certificate, or you can go directly to the github download (below)

    1. Is bruderste.in the correct site for the plugin manager?

    Yes and no. It was, at one point, but it hasn’t been updated in two years – so it doesn’t surprise me its certificate has expired. You can either ignore the certificate error and look at that page, which then tells you to download from the github page. The latest Plugin Manager can be downloaded from https://github.com/bruderstein/nppPluginManager/releases/latest .

    1. If so, can the SSL cert be updated?

    In theory, it could be. But @bruderstein would have to be the one to do it. His website is not under control of the Notepad++ Community, or under the Notepad++ Developer. It would surprise me if he went to that effort, because the Plugin Manager is no longer needed (or useable) for current and future notepad++ versions, and most legacy-version users already know where to go to get the Plugin Manager.

    1. If not, can the link on the notepad-plus-plus.org site be updated?

    If you can give a link that’s not in the NpWiki++ or the Forum areas of the notepad-plus-plus.org site, we can probably submit an issue to the developer/website-owner, so that the request can be tracked, and it improves the chances of the developer seeing the request… However, there is no guarantee that such requests will be fulfilled anytime soon; the developer focuses most of his development time on adding features and fixing critical bugs in the application, rather than on documentation and website maintenance.



  • ATTENTION!! To all readers of this topic: Be careful!

    The above posting of @RichDempsey contains a link to notepad-plus-plus.com. Do NOT click on this link!!

    If you click on that link you are redirected to an obviously malicious website that tries to mimic a Microsoft site. Here is a screenshot:

    It states:

    • You are running an illegal copy of Windows.
    • You are using piracy software.
    • Your machine is hacked.
    • Your machine sends viruses to the internet.
    • Your machine is blocked because of security concerns.
    • You should call a certain telephon number to contact the Windows support.

    Additionally it opens a lot of download dialogs (see lower edge of screen) and a login box (see upper right corner) to block the browser’s UI. Closing the tab is not possible as well as using the “Back” button to return to this forum. I had to kill all Firefox processes to get rid of this crap.

    There is no domain named notepad-plus-plus.com that is affiliated to the Notepad++ project. The correct domain is notepad-plus-plus.org.

    I guess the owner of the fake domain is a gang of phone scammers which want you to grant them access to your computer to steal sensitive data like credit card numbers, online banking login data and so on.

    Additionally to posting this comment I will flag itself and the posting of @RichDempsey for moderation to attract attention. This link should be deleted.



  • @dinkumoil Thanks for catching that issue. The above posts have been edited and now point to the .org domain to keep users from mis-clicking.


Log in to reply