Chromecast users still waiting for fix after outages since March 9th

Google has apologized for the disruption affecting its second-generation Chromecast and Chromecast Audio devices, but so far, it hasn't given a clear timeline on when the problem will be fixed. The issue began on March 9th, causing devices to stop working due to an expired device authentication certificate authority.

The affected devices are unable to complete the cryptographic process required to authenticate with Google's official apps and services, resulting in error messages about being "untrusted" devices.

Independent research suggests that a fix could take potentially weeks to materialize. Tom Hebb, a former Meta software engineer and Chromecast hacker, has published a detailed analysis of the issue and believes that fixing it won't be easy.

The problem: expired device authentication certificate authority

Cromecasts are essentially media players that plug into equipment such as loudspeakers or TVs. Apps can connect to these devices and send data, including a URL to fetch media from and output by itself when playing something.

Chromecast devices contain a cryptographic public-private key pair installed at the factory, which form a certificate creating a digital signature proving the gadget is a legitimate Google-made device.

This means that apps can verify that the device is a genuine Google product using this digital signature. However, when the expired intermediate authority's 10-year validity ended on March 9th, 2025, software analyzing the chain of trust would reject it as broken, rendering devices useless.

Fixing the problem won't be simple

Tom Hebb suggests that a fix could involve either updating client apps to accept or workarounds with the situation, or replacing all key pairs shipped with the devices with new ones using a valid certificate authority.

However, getting these new keys onto devices will be challenging due to some being factory reset and unable to be initialized by Google applications because the bundled cert is untrusted.

Timeline for the fix

The former Meta software engineer predicts that it could take over a month of effort from Google to build and test a new Chromecast update to renew expired certificates. Alternatively, teams within Google may need to coordinate internally to push out new releases to tackle the problem.

Update on the fix

Roughly four days after the issue began, Google announced that it's ready to gradually roll out an update for Chromecasts to get them working again as usual. While there is no clear timeline yet, we can expect more news in the coming weeks.

Meanwhile, independent security researcher Maciej Mensfeld also believes the outage is likely due to the expired device authentication certificate authority and has proposed a workaround that has helped some users.