Today any apt-get update call in Whonix (at least on Qubes, but likely elsewhere too) fails with:
whonix-gateway-17:out: Err:2 tor+https://deb.kicksecure.com bookworm-testers InRelease
whonix-gateway-17:out: Certificate verification failed: The certificate is NOT trusted. The revocation or OCSP data are old and have been superseded. Could not handshake: Error in the certificate verification. [IP: 127.0.0.1 8082]
Maybe related to Ending OCSP Support in 2025 - Let's Encrypt ? If so, I guess webserver config need to be updated to not include OCSP stapling anymore.