League of Legends was down for a couple of hours after the game’s security certificate was inadvertently allowed to expire. Read on to learn more about the incident.
League of Legends Expired Security Certificate Knocks MOBA Offline
Why Millions of Players Could Not Log In on January 4
⚫︎ Note: Image from Downdetector.com
Millions of League of Legends players expecting to grind the ranked ladder this January 4 found themselves staring at a frozen client and a connection error as the world’s most popular MOBA went dark globally. The disruption was traced back to an expired SSL certificate, a fundamental component of web security that validates the identity of a website or server and enables encrypted connection. In simpler terms, the world’s biggest game went offline because Riot forgot to renew the digital equivalent of a library card.
The outage began at around 12:00 P.M. PST / 3:00 P.M. EST, as players reported that the League client refused to launch or connect. Downdetector recorded a massive spike in reports, and social media feeds were quickly flooded with screenshots of connection errors. This, as users have discovered, was because the game’s digital certificate was only valid from January 7, 2016, to January 4, 2026. When the clock struck past the expiration date, the client could no longer verify its secure connection with Riot’s servers. Consequently, the system flagged the game as a security risk and effectively blocked all player access.
Riot was quick to issue a statement on their social media channels, where they acknowledged the "issue that’s impacting games and preventing players from logging in," though they remained vague and did not point to the digital certificate specifically as the culprit.
Even without an official explanation, players were able to deduce the root cause almost instantly because Riot bumped into the exact same problem ten years ago. On New Year’s Day 2016, when players suffered through a similar issue, Riot’s Brent "Brentmeister" Randall clarified that the blackout was because their certificate "expired for the new year when it should have auto-renewed." It is likely that a similar oversight happened here.
Despite the situation, some players discovered they could bypass the lockout by manually setting their computer’s calendar to January 3rd, which tricked the client into believing the certificate was still valid. Of course, this was only a stopgap, and Riot did not endorse it.
Although this workaround successfully got players into the game, they couldn’t exploit the trick to climb the ladder and rank up. In the same tweet, Riot also noted that "Ranked queues are temporarily disabled while we work on a fix," a standard move to protect player rankings during the maintenance window. The only modes players could actually play during the height of the outage were Normal Draft Pick and ARAM (All Random, All Mid).
By the evening of January 4, Riot engineers eventually generated and deployed a fresh certificate, with users indicating a new expiration as far ahead as 2125. Players slowly regained access to the game and normal service resumed early on January 5.
It's hard to say if League of Legends will still be around in the 22nd century, but Riot has at least ensured that future members of the company won’t be blindsided by the same issue for another hundred years.
For more on League of Legends, check out our article below!
Sources:
League of Legends Down Detector Website
Riot Games Addressing the Complaints on Twitter
Players Sharing the "Workaround" on the Replies to Riot’s Statement
u/Brentmeister Explaining a Similar Problem Ten Years Prior on a Reddit Comment
Players Reporting that League of Legends’ SSL Certificate was Extended by 100 Years
