Encrypt the revocation of tens of millions of SSL certificates

Let & # 39; s Encrypt has introduced a bug affecting greater than Three million web sites utilizing their Let’s Encrypt safety certificates. Let & # 39; s Encrypt revoke greater than Three million affected certificates on March 4, 2020.

Websites whose certificates have been revoked might begin to show insecure icons within the browser, which might result in much less site visitors and fewer gross sales. The publishers of the websites involved should submit a brand new request for a brand new certificates with the intention to regain safe standing.

Encrypt the bug announcement

Encrypt let clients know that it’s going to revoke safety certificates on March 4, 2020:

"As a result of 5.6k CAA 2020.02.29 bug, we sadly should revoke many TLS / SSL certificates from Let’s Encrypt."

Certificates will start to be revoked at 3:00 p.m. EST.

Who’s affected by the SSL certificates bug?

This bug impacts 2.6% of publishers who depend on Let’s Encrypt for his or her safety certificates. This equates to greater than three million web sites.

Emails have been despatched to the affected publishers.

When you’ve got not obtained an electronic mail, it’s attainable that you will have been affected because the discover might not have been despatched for all the standard causes (test your spam folder).

There’s a option to confirm. The next net web page has a diagnostic software to determine if yours is likely one of the affected websites:

https://checkhost.unboundtest.com

You can even obtain a listing of all related URLs right here.

In case your website is affected, right here is the warning that the software gives you:

allows to encrypt the bug "width =" 600 "height =" 419 "sizes =" (max-width: 600px) 100vw, 600px "data-srcset =" https://cdn.searchenginejournal.com/wp-content/uploads / 2020 /03/lets-encrypt-bug-warning-5e5f5eb0db95e.png 600w, https://cdn.searchenginejournal.com/wp-content/uploads/2020/03/lets-encrypt-bug-warning-5e5f5eb0db95e-480x335. png 480w "data-src =" https://cdn.searchenginejournal.com/wp-content/uploads/2020/03/lets-encrypt-bug-warning-5e5f5eb0db95e.pngThat is the warning message that you’ll obtain in case your Let & # 39; s Encrypt safety certificates is affected and must be renewed.

In accordance with Let’s Encrypt’s announcement:

"The bug: When a certificates request contained N domains requiring a brand new CAA verification, Boulder selected a site title and verified it N occasions.

In observe, which means if a subscriber has validated a site title at time X and the CAA information for this area at time X have enabled Let & # 39; s Encrypt to be issued, this subscriber might concern a certificates containing this area title for as much as X + 30 days, even when somebody later put in CAA registrations on this area title that prohibit the issuance by Let & # 39; s Encrypt.

We confirmed the bug at 2020-02-29 03:08 UTC, and stopped the printed at 03:10. We deployed a repair at 5:22 UTC, then reactivated the printed. "

Learn the announcement publish right here:

https://neighborhood.letsencrypt.org/t/2020-02-29-caa-rechecking-bug/114591

Learn the certificates revocation announcement right here:

https://neighborhood.letsencrypt.org/t/revoking-certain-certificates-on-march-4/114864

Extra sources