Is it normal for all my work units (that are still on my computer, 53 of them) to be wiped from my account on Gerasim?

If I continue to run them will they be credited or do they disappear into the ether and not be counted?

This has happened before more than once.

Thanks
Conan

This is still happening to one of my computers (the one with the highest total)
I have 32 CPU work units on it at the moment but all CPU work units have been removed from my account, even though I still have 3 days to go on them.

I must ask again, if I process them do I get credit for them?

I have a number of GPU work units running and they show up on my account, just not the CPU work units.

It seems if you download and don't start processing straight away the work units get removed.

They are not aborted and don't error out they just disappear from my account.

Conan

I uploaded the newest batch of CPU WUs on Feb 3rd. Did you get the problematic WUs before or after that date? Because anything dated before Feb 3rd was deemed a "test" and cleared from the database. If it's after that, then something weird is going on with the server.

Is it normal for all my work units (that are still on my computer, 53 of them) to be wiped from my account on Gerasim?

If I continue to run them will they be credited or do they disappear into the ether and not be counted?

This has happened before more than once.

Thanks
Conan

This is still happening to one of my computers (the one with the highest total)
I have 32 CPU work units on it at the moment but all CPU work units have been removed from my account, even though I still have 3 days to go on them.

I must ask again, if I process them do I get credit for them?

I have a number of GPU work units running and they show up on my account, just not the CPU work units.

It seems if you download and don't start processing straight away the work units get removed.

They are not aborted and don't error out they just disappear from my account.

Conan

I uploaded the newest batch of CPU WUs on Feb 3rd. Did you get the problematic WUs before or after that date? Because anything dated before Feb 3rd was deemed a "test" and cleared from the database. If it's after that, then something weird is going on with the server.

The ones on the computer now downloaded on the 4th and are due the 9th.
I will abort them and download new ones and see what happens

Thanks
Conan

EDIT:: those aborted tasks did not show up as aborted or invalids on my account, so I would not have reciened anything for them

---

The ones on the computer now downloaded on the 4th and are due the 9th.
I will abort them and download new ones and see what happens

Thanks
Conan

EDIT:: those aborted tasks did not show up as aborted or invalids on my account, so I would not have reciened anything for them

Maybe it was a communication glitch with the server. I notice when I upload WUs or download results, the communication periodically stalls and I have to start over. Could be related to the server being in Russia and strict internet policies over there (just a wild guess). Serval and Demis might know more about that.

I am not sure about others but I am unable to view https://gerasim.boinc.ru/ via Brave or Microsoft edge in New Zealand. I kept getting
"403 - Forbidden: Access is denied."
"You do not have permission to view this directory or page using the credentials that you supplied."

No problems here from Darwin in Australia using MS Edge.

---

Grant
Darwin NT, Australia.

I am not sure about others but I am unable to view https://gerasim.boinc.ru/ via Brave or Microsoft edge in New Zealand. I kept getting
"403 - Forbidden: Access is denied."
"You do not have permission to view this directory or page using the credentials that you supplied."

No problems here. You could try clearing your cache and cookies.

I am not sure about others but I am unable to view https://gerasim.boinc.ru/ via Brave or Microsoft edge in New Zealand. I kept getting
"403 - Forbidden: Access is denied."
"You do not have permission to view this directory or page using the credentials that you supplied."

No problems here. You could try clearing your cache and cookies.

Unfortunately no change. It's okay I will remove this project from my computer. It could be something to do with the website security certificate even though it's valid until around 26/10/26. I have to select when I go to the website
Reason for me removing is because I cannot remember/aren't able to change whether I am processing on GPU or CPU
I wish everybody all the best with the project

Unfortunately no change. It's okay I will remove this project from my computer. It could be something to do with the website security certificate even though it's valid until around 26/10/26. I have to select when I go to the website
Reason for me removing is because I cannot remember/aren't able to change whether I am processing on GPU or CPU
I wish everybody all the best with the project

Your decision is truly strange.
You describe the situation:

It could be something to do with the website security certificate even though it's valid until around 26/10/26. I have to select when I go to the website

Let's assume you're right and it's a certificate issue, then:
1. This is usually a problem on the client computer (although we remember and know that the server certificate is also important).
2. Where did you get the date 26/10/26?
Our current certificate chain is as follows:
a) ISRG Root X1 (June 4, 2035, 11:04 GMT) v3
b) R13 by ISRG Root X1 (March 12, 2027, 11:59 PM GMT) v3
c) Let's Encrypt by R13 (April 5, 2026 06:34 GMT) v3
It is important to remember that the final version 3 certificate can be verified by any higher authority that holds a version 3 certificate (a or b).

It is possible that root certificates are NOT installed or updated on your computer.
You need to check this point very carefully.

I'd also like to remind you that the root certificate community has decided to shorten the validity period of certificates. These changes will take place over the next two years (if I remember correctly). For example, the validity period of our Let's Encrypt certificate will be only 45 days instead of three months.

In any case, thank you for participating in our project.

P.S.
I just double-checked the browser options:
1. Edge
2. Edge x32
3. Internet Explorer
4. Internet Explorer x32
I didn't encounter any problems opening our website.
I don't have the Bravia browser, sorry.
Everything was tested on Windows 11 Home.

...unable to view https://gerasim.boinc.ru/ via Brave ...

I've just found your browser online. (https://github.com/brave/brave-browser/releases)
I checked how our website works.
I didn't find any problems with the certificate or accessing the website.

Brave 1.89.21 (Official Build) (64-bit)
Chromium: 145.0.7632.45

Windows 11 Home
ver. 25H2

I was able to replicate that users issue.
Done in Edge. I don't live in the same country as them.

Here is a video:
https://www.dropbox.com/scl/fi/11g6smuxxn5i54k6gwnnp/Gerasim-cert-issue.mp4?rlkey=9se5y15wqmpzubzl0f24978kg&st=18iu91dp&dl=0

More details on the cert:
https://www.dropbox.com/scl/fi/jjnv25nssw971oy7sdsu5/cert.png?rlkey=22lxgyssspaeht1wj3j2j13ku&st=9ij1q1rg&dl=0

I was able to replicate that users issue.
Done in Edge. I don't live in the same country as them.

Excellent results!
Thank you!

What do I see in your image?
That the certificate was clearly generated by someone else.
This can happen, for example, when using various antivirus programs that check the page through their own content verification service.

This is what the line "Issued by: 72f79e24-a3ee-4b1b-9925-a3bf017745b2" tells me.
And also the message from your Windows security system: "This CA Root certificate is not trusted... and bla-bla-bla..."
If you Google the phrase "this ca root certificate is not trusted" you'll quickly find a solution to this problem (and, by the way, I read the advice from the AI ​​in Google Browser; it also gives the right recommendation).

I can, of course, give my own recommendations here, but I think you can resolve this issue faster (it only takes a few minutes) than I can answer here.

I was able to replicate that users issue.
Done in Edge. I don't live in the same country as them.

Here is a video:
https://www.dropbox.com/scl/fi/11g6smuxxn5i54k6gwnnp/Gerasim-cert-issue.mp4?rlkey=9se5y15wqmpzubzl0f24978kg&st=18iu91dp&dl=0

More details on the cert:
https://www.dropbox.com/scl/fi/jjnv25nssw971oy7sdsu5/cert.png?rlkey=22lxgyssspaeht1wj3j2j13ku&st=9ij1q1rg&dl=0

I am pleased you were able to reproduce my issue :-) thank you

If you Google the phrase "this ca root certificate is not trusted" you'll quickly find a solution to this problem (and, by the way, I read the advice from the AI ​​in Google Browser; it also gives the right recommendation).

I can, of course, give my own recommendations here, but I think you can resolve this issue faster (it only takes a few minutes) than I can answer here.

I do not know the server administrator to get the certificate, nor do I believe I need to reach out to them to gain access

Before the server crashed I did not have any issues accessing the website. Hopefully someone is able to provide access to everybody including participants in the time zone of UTC +12.

I believe the reason why you are able to access the website via Brave is because you are able to access it from your location without any issues in the first place.

I appreciate your assistance. Thank you

All the best with getting the website accessible for everyone.

If you Google the phrase "this ca root certificate is not trusted" you'll quickly find a solution to this problem (and, by the way, I read the advice from the AI ​​in Google Browser; it also gives the right recommendation).

I can, of course, give my own recommendations here, but I think you can resolve this issue faster (it only takes a few minutes) than I can answer here.

I do not know the server administrator to get the certificate, nor do I believe I need to reach out to them to gain access

You don't need to know the server administrator.
Anyone can do it themselves.

Before the server crashed I did not have any issues accessing the website.

The server opened fine for me before the crash, too.
But it also opened fine after the crash.
I also tested access from America, France, the Netherlands, and Australia. Everything works perfectly.
You (or anyone else) can double-check this yourself.
Our certificate is public.
Any browser can verify it.
If you're unsure whether your browser isn't verifying it correctly, you can check using a special open service:
https://crt.sh/?q=gerasim.boinc.ru
https://crt.sh/?id=23562037984&opt=ocsp
Which shows all three levels (which I listed above as a, b, and c ) of our certificate.
The easiest way to check is to use the Tor browser.
If our site opens through it, this indicates that the problem is most likely on your computer.

Also, I remind you that certificate verification using the OCSP method has been discontinued.
See https://letsencrypt.org/2024/12/05/ending-ocsp part:

August 6, 2025

    On this date we will turn off our OCSP responders

(The outage on our server occurred on August 19, 2025, very close to that date. But I think this is a coincidence.)

Hopefully someone is able to provide access to everybody including participants in the time zone of UTC +12.

Current information shows that the problem is not in the time zone.

I believe the reason why you are able to access the website via Brave is because you are able to access it from your location without any issues in the first place.

Current information shows that the problem is not in your location.

I appreciate your assistance. Thank you

All the best with getting the website accessible for everyone.

Please note that internet searches yield very specific solutions to the problem:
https://www.google.com/search?q=certificate+update+on+windows&sca_esv=e8bb71c9cc7ce2dd&biw=1189&bih=696&sxsrf=ANbL-n6sSTbwai2vIi0FcMB3RDWdHs1Tcw%3A1770848122167&ei=ev-MaaLrCfKr5NoPvLey6Qk&oq=certificate+update+%D1%89%D1%82+%D1%86%D1%88%D1%82%D0%B2%D1%89%D1%86%D1%8B&gs_lp=Egxnd3Mtd2l6LXNlcnAiJmNlcnRpZmljYXRlIHVwZGF0ZSDRidGCINGG0YjRgtCy0YnRhtGLKgIIADIGECEYChgqSMBpUNIQWLBFcAN4AZABAJgBjAKgAboYqgEFMC42Ljm4AQPIAQD4AQGYAg6gArwSwgIKEAAYsAMY1gQYR8ICBxAAGIAEGA3CAgYQABgNGB7CAggQABgFGA0YHsICCBAAGIAEGKIEwgIFEAAY7wWYAwDiAwUSATEgQIgGAZAGCJIHBTMuMy44oAfPPLIHBTAuMy44uAesEsIHBjAuMTAuNMgHJ4AIAA&sclient=gws-wiz-serp

Methods for Certificate Updates on Windows

    Windows Update (Automatic): The primary method, particularly for 2023/2026 Secure Boot certificates, is keeping Windows updated. It handles the Windows Root Certificate Program, which polls for updates weekly.
    Importing via MMC:
        Press Win + R, type mmc, and press Enter.
        Go to File > Add/Remove Snap-in.
        Select Certificates > Add > Computer account and click Finish.
        Navigate to Trusted Root Certification Authorities > Certificates.
        Right-click Certificates, select All Tasks > Import, and follow the wizard to add new certificates.
    Certutil Utility: This tool, available in Windows 10/11, can download current root certificates from the Windows Update site.
    Windows Admin Center: For updating web/server certificates within the Admin Center, go to Settings > Certificates, and select the new, valid certificate to apply. 

Important Considerations

    Secure Boot: Microsoft is updating Secure Boot certificates (2011 to 2023) to avoid expiration in 2026, which occurs automatically for most devices, although some might require manufacturer firmware updates.
    Isolated Networks: For machines without internet access, root certificates must be updated manually. 

And there's a video attached (https://www.youtube.com/watch?v%3DOW2uxlbVIZs).
Or https://www.reddit.com/r/sysadmin/comments/6nar90/how_the_heck_do_you_update_root_certificates_on/

I may check back from time to time to see if it works & if it does I will be able to check my settings and potentially contribute more to the project, if I am not able to access the site I will not be contributing to the project. Thank you for the information you have provided

I may check back from time to time to see if it works & if it does I will be able to check my settings and potentially contribute more to the project, if I am not able to access the site I will not be contributing to the project. Thank you for the information you have provided

Okay.
Thank you.

We'll try to figure out what's going on.
I still have a lot of questions (in my head).
And I'm not ruling out the possibility of what I wrote in November:
https://numberfields.asu.edu/NumberFields/forum_thread.php?id=667&postid=4090#4090

We're trying to determine whether the DPI could be contributing to this situation.

But on the other hand, we (or rather, the crunchers) see that there's a 403 error (Access Denied).

This means that the packets definitely reached our server, but the server couldn't negotiate a connection and refused.

But why it did this is still unclear to me.
But we'll keep looking.

There must definitely be a reason for this behavior.

I have a request for k29000:
Can you show the image with the certificate (where there's the phrase "Issued by: 72f79e24-a3ee-4b1b-9925-a3bf017745b2"),
but the tab titled "Certification Path" ?

P.S.
Another thought I have:
Our server uses a certificate with a 3072-bit key.
And it's modern.
But not all client programs support it right now.
This might be the reason.

However, the transition to 3072-bit encryption is scheduled for 2026.
Therefore, developers of various programs are required to update to support these certificates.

RSA 3072-bit certificates provide enhanced security over 2048-bit keys, offering greater protection against advanced cryptanalysis, with industry standards mandating this size for Code Signing Certificates since 2021.

Key Aspects of RSA 3072 Certificates:
Enhanced Security: RSA 3072-bit keys offer higher security levels, making it significantly harder for attackers to break encryption compared to 2048-bit keys.
Industry Compliance: Minimum key sizes for code signing and time-stamping certificates were increased to 3072-bit RSA effective June 1, 2021.
Adoption Trends: Many organizations are transitioning to 3072-bit keys to meet recommendations from security agencies, with deadlines often set for 2026 for mandatory adoption.
Compatibility: While more secure, 3072-bit keys may have, though minimal, performance impacts compared to 2048-bit or ECDSA alternatives, but they are generally supported by modern browsers and platforms.
Support: Major services like Azure App Service, CloudFront, and Trend Micro support 3072-bit RSA for improved security in SSL/TLS and infrastructure communication.

Usage Considerations:
Verification: You can check the key size in your browser's security details or via command-line tools.
Alternatives: For higher security with better performance, Elliptic Curve Digital Signature Algorithm (ECDSA) 256/384/521-bit keys are often recommended as a modern alternative to 3072-bit RSA.

If this is the case, then all we can do is wait for this issue to be corrected in programs and in the laws of various countries.

But for now, these are just my thoughts.

@Demis
Насколько я понял, скоро Gerasim останемся без сайта?
https://gerasim.boinc.ru/StatsPage/FloatingPointSpeed.aspx
****
А нельзя ли удалить у Герасима хотя бы назойливую табличку "You are logged in as ..." ?
Без неё было намного лучше.
****
@Demis
As far as I understand, Gerasim will soon be without a website?
https://gerasim.boinc.ru/StatsPage/FloatingPointSpeed.aspx
****
Couldn't you at least remove the annoying "You are logged in as ..." sign from Gerasim?
It was much better without it.
****
Всем привет и хорошего настроения. :)

@Demis
Насколько я понял, скоро Gerasim останемся без сайта?
https://gerasim.boinc.ru/StatsPage/FloatingPointSpeed.aspx
****
А нельзя ли удалить у Герасима хотя бы назойливую табличку "You are logged in as ..." ?
Без неё было намного лучше.
****
@Demis
As far as I understand, Gerasim will soon be without a website?
https://gerasim.boinc.ru/StatsPage/FloatingPointSpeed.aspx
****
Couldn't you at least remove the annoying "You are logged in as ..." sign from Gerasim?
It was much better without it.
****
Всем привет и хорошего настроения. :)

Сейчас должно быть все в порядке.
(Просто вы открывали эти странички, когда процесс проверки еще не был завершен.)
***
Everything should be fine now.
(You just opened these pages while the verification process was still in progress.)

I have a request for k29000:
Can you show the image with the certificate (where there's the phrase "Issued by: 72f79e24-a3ee-4b1b-9925-a3bf017745b2"),
but the tab titled "Certification Path" ?

P.S.
Another thought I have:
Our server uses a certificate with a 3072-bit key.
And it's modern.
But not all client programs support it right now.
This might be the reason.

Sure.

https://www.dropbox.com/scl/fi/ouujsc3fsu0btf2k55fbn/certpath.png?rlkey=7h0mtlqce6h3wbjm1azh58n6g&st=s6bkbanp&dl=0

Sure.

https://www.dropbox.com/scl/fi/ouujsc3fsu0btf2k55fbn/certpath.png?rlkey=7h0mtlqce6h3wbjm1azh58n6g&st=s6bkbanp&dl=0

Wow!
This is certainly very cool.

1. You (and, of course, other people) should understand that this is NOT Gerasim's problem!
2. I can say that there are probably other websites that give a similar error when accessed from such a computer.
3. We can certainly discuss this issue here, but this isn't a forum or a thread for such a discussion.

What should regular Windows users do about this?

If I understand correctly, this issue occurs on Windows 10 (11) when connecting another device via a cable, such as a mobile device, USB, or Type-C.
And OneDrive is still active (using OneDrive on a computer is a whole other story).
(Although, there are probably other options.)

I've read various IT forums (including Russian ones) - the problem has been known for a long time.

I googled the phrases "crossdevice certificate windows how to use", "crossdevice certificate windows how to off".

For the first:

The crossdevice certificate in Windows is a system-generated, ECC 384-bit key usually found in the Personal certificate store (viewable via certlm.msc or certmgr.msc). It facilitates Microsoft's Connected Devices Platform (CDP), enabling features like Cloud Clipboard, Nearby Sharing, and cross-device app continuity. It does not typically require manual user management.
https://community.spiceworks.com/t/strange-crossdevice-cert-in-personal-certicate-store/1061953
How to Use/Manage CrossDevice Certificate
Purpose: It acts as a security token for Windows 10/11 to share data with other trusted devices (e.g., Android/iOS via Phone Link).
Fixing Prompt Issues: If prompted to select a certificate (e.g., when opening a VPN), it is often due to a browser or network conflict.
Removing/Fixing: If it causes issues, you can export it to back it up, then delete it to see if it resolves the problem, or remove it and wait for Windows to recreate it. 
Spiceworks Community

How to View the Certificate
Press Win + R, type mmc, and press Enter.
Go to File > Add/Remove Snap-in.
Select Certificates > Add > Computer account > Local Computer > Finish.
Navigate to Personal > Certificates. 
Microsoft Learn
Relevant Features
Cross-Device Resume: Resuming phone-viewed OneDrive files on a PC.
Shared Experiences: Controlled via Settings > System > Nearby sharing. 
Microsoft Community Hub
If the certificate is causing login prompt issues, it is recommended to check if it's being incorrectly used by VPN software rather than Windows, as noted in this Microsoft Q&A post

For the second:

To turn off or remove the Windows Cross-Device certificate (often causing pop-ups) and disable related features, disable the CrossDeviceService in Task Manager/Services, remove the certificate in certmgr.msc, or disable "Cross-device" in Task Scheduler. These services are tied to Phone Link and Shared Experiences. 
Experts Exchange
https://www.experts-exchange.com/questions/29296345/Stop-Cross-Device-Experience-With-Prejudice-Windows-11.html
Steps to Disable/Remove Cross-Device Features:
Remove Certificate: Press Win + R, type certmgr.msc, and look under Personal > Certificates or Trusted Root Certification Authorities for certificates with GUID names or "CrossDevice", then delete them.
Stop Service: Open Task Manager (Ctrl + Shift + Esc), go to the Processes or Services tab, find CrossDeviceService, right-click, and select "End Task" or disable it in services.msc.
Disable Task Scheduler: Open Task Scheduler, navigate to Microsoft > Windows > CrossDevice, and disable all tasks.
Disable Via Settings (Win 11): Go to Settings > Apps > Sign-in options and turn off "Use my sign-in info to automatically finish setting up my device..." or under Privacy & Security > Cross-device.
PowerShell Removal: Run Get-AppxPackage *crossdevice* | Remove-AppxPackage in PowerShell as Administrator. 
Spiceworks Community
Note: Removing the certificate might temporarily disrupt linked phone functionality.

At the same time, MS writes the following:
https://learn.microsoft.com/en-us/windows-hardware/drivers/install/cross-certificates-for-kernel-mode-code-signing
https://learn.microsoft.com/en-us/windows-hardware/drivers/install/deprecation-of-software-publisher-certificates-and-commercial-release-certificates

Let me remind you that you do everything at your own risk.
(Although I don't see anything wrong with that.)

Perhaps this behavior is the result of installing:
https://apps.microsoft.com/detail/9ntxgkq8p7n0?ocid=pdpshare&hl=en-us&gl=US
But I'm not sure.

I hope this information will help you (and other guys).