3 million Let’s Encrypt certificates to be cancelled

Let's Encrypt CAA flaw

Let’s Encrypt revoked certificates

Let’s Encrypt has announced that it is to revoke aroound 3 million TLS/SSL certificates because of a serious flaw found in the CAA (Certificate Authority Authorization). The certificates will be revokend on the 4th March 2020 from 00:00 UTC.

Let’s Encrypt has around 116 million certificates issued at the moment which means that around 2.6% of them are to be revoked. Sites that have not reissued their certificates will find that users will be unlikely to visit them as they will be warned when trying to visit that the site is likely to be fake or compromised as the certificate has been revoked.

A revoked certificate is far worse from a security point of view for users as it shows that positive action has been taken to make users aware that the certificate has been tagged as “Not to be trusted“.

How can you fix it?

If you own a website that uses Let’s Encrypt, an automated free certificate system, then you should get your certificate changed ASAP. It is free and easy to do. There is a list of the affected certificate serial numbers which can be downloaded here and there is a tool that you can use to check your site here. Let’s Encrypt has sent an email notification to those that have registered an email address whith them but many are thought to be out of date and to be that of their hosting provider. If you are unsure please use the tools to check your site yourself.

Our clients who use Let’s Encrypt

CritchCorp Computers Ltd has already checked all of our clients sites that use Let’s Encrypt certificates; which come FREE with any of our Feature Rich Hosting accounts. Also anyone using a paid certificate from CritchCorp Computers Ltd is not affected by this latest issue.

If you are affected then you should contact your hosting company or webmaster urgently to get the issue resolved. If you have no-one to contact then we maybe able to help, please submit a support ticket from our store ticket system.

Is Let’s Encrypt still good?

We have been asked whether or not Let’s Encrypt certificates are safe given the latest bug. We are confident that they are a great starter certificate and are much better than having no certificate. Let’s Encrypt have been upfront and transparent about the issue and that is exactly what they should do, so we are confident that they ACME system is a good way to ensure that all sites have some form of security. If your site need better security or more gurentees about who you are and better protection then you should upgrade to a paid certificate whch come with different levels of security and guarentees.

Stay Safe

Support.

Comment (11)

  • Rdrussemack| 7 August, 2020

    This is concerning for everyone in the industry. I am worried.

  • Rdrussemack| 8 August, 2020

    In fact, what can we do about this problem?

    • CritchCorp| 8 August, 2020

      For complete peace of mind you can buy a certificate, they start at around £10 per year if you can do it yourself or around £50 per year if you want a managed one that you don’t need to worry about.

  • Merri| 9 August, 2020

    Will I still be able to use Let’s Encrypt for my website?

  • Cynthia| 9 August, 2020

    This is very scary, What does it mean for the future of Let’s Encrypt certificates?

    • CritchCorp| 9 August, 2020

      They will still be around for some time to come, but they are rumored to be downgraded in time by the browsers.

  • Emilio Fantin| 9 August, 2020

    Hi are using WordPress for your site platform? I’m new to the blog world but I’m trying to get started and set up my
    own. Do you need any coding knowledge to make your own blog?
    Any help would be really appreciated!

    • CritchCorp| 9 August, 2020

      Hi,

      We have many different platforms available including WordPress. If you signup for one of our new cPanel hosting accounts you will have access to over 470 different one-click software installs. You can then find the best one that suits your needs. If you require further assistance then the best thing to do is to signup for a FREE account and then submit a support ticket. We will be able to assist you more fully from there.
      You can also use our FREE website software to get started.

  • Britney| 10 August, 2020

    If youu would like to griw your familiarity simply keep visitinng this web site and be updated with the most up-to-date news posted here.

    • CritchCorp| 11 August, 2020

      Thank you for your comments, we try our best to keep people informed in an easy to understand way.

      Keep safe

      CritchCorp Support

  • Leave a Reply

    Your email address will not be published. Required fields are marked *