That’s an interesting error message because it is wrong. The certificate did not change, it just expired. This is a known issue in the Riot app.
That was the issue … again Everything about our Matrix server is back to normal again. If you got logged out, you’ll have to log in again.
Actually on second thought @natalia_skoczylas, that made no sense. You showed me a certificate warning from your phone (with a wrong certificate), and then we tested on your desktop computer that you see the right
matrix.edgeryders.eu certificate. A hacker could have targeted your phone and not the desktop computer, so just checking on desktop made no sense.
Now in all probability your Riot on the phone did not get hacked, because why would anyone want to do that. But to be sure, you’d have to reinstall the Riot app on the phone and delete all its data in order to undo that you clicked “Trust” for that wrong certificate. And for that there is no practical solution in Android that I know of, nor is there a way in the Riot app to check what Matrix server certificate you use currently and which ones you trust, and to change the trust.
tl;dr: If somebody would try to hack our Riot chat, it’s not so easy to defend. I should write several bug reports to the developers … if I had the time for it. (Update: I sent them this one.)
Quick solution for the future: Everyone, please do not accept any untrusted certificate in the Riot mobile application. The website will stop working when there is an untrusted certificate, but the mobile version will ask if you want to create an exception. From today until 2019-12-17, the SHA-256 fingerprint of the right certificate is this one (and it will be trusted automatically and thus should never appear in the screen asking for an exception):
8F CB EC 5E 0B FF 86 A7 27 AF 0B 77 99 70 A1 EB
78 8A 95 B3 52 11 7A D0 D2 95 BE A5 85 AC E6 30