On February 29, 2020, Let's Encrypt discovered a bug affecting millions of issued SSL certificates. These certificates will be revoked on March 4th. You can read the announcement on the Let's Encrypt website.
In a notification email to its clients, the organisation said: "We recently discovered a bug in the Let's Encrypt certificate authority code."
"Unfortunately, this means we need to revoke the certificates that were affected by this bug, which includes one or more of your certificates. To avoid disruption, you'll need to renew and replace your affected certificate(s) by Wednesday, March 4, 2020. We sincerely apologise for the issue."
Digital certificates are basically small pieces of code, created using sophisticated mathematics, that ensure communication between devices or websites is sent in an encrypted manner and is therefore secure.
They play an essential role in keeping IT infrastructure up and running safely and are issued by certificate authorities, who electronically verify that the certificates are genuine. When issued, these certificates are given an expiration date of anything between a few months and several years.
Visitors to websites that have not renewed their certificate by this date will see security warnings telling them that the site is insecure.
On a community forum, one website manager, based in New Zealand, complained he had only received "75 minutes" notice of the need to update, which he said was "unacceptable".
In order to ensure your site's certificates remain in place, we recommend you check your site using this service and issue a new certificate if your certificate was affected.
If you're not able to renew your certificate by March 4, visitors to your site will see security warnings until you do renew the certificate.
The ACME client documentation should explain how to renew. If you are using Certbot, the command to renew is:
certbot renew --force-renewal