Open in app

Sign in

Write

Sign in

Let’s Encrypt changed plan about revoking certificates

If your SSL certificate was issued by Let’s Encrypt, there was risk for their bug. Check the safety of your SSL certificate.

Jangwook Kim
2 min readMar 7, 2020
SSL Certificate

In 29 February 2020, Let’s Encrypt announced they found a bug in their CAA code, so they decided to revoke 2.6% of all certificates.

2020.02.29 CAA Rechecking Bug

On 2020-02-29 UTC, Let's Encrypt found a bug in our CAA code. Our CA software, Boulder, checks for CAA records at the…

community.letsencrypt.org

But they gave us just 36 hours to refresh certificates, and that is too short time to notice we need to some action. Almost 1 million certificates aren’t refreshed before 30 minutes of the revocation.

So Let’s Encrypt announced again that they don’t revoke certificates force.

Because the certificate life time is only 90 days, so they can decide like this.

How to check the safety of SSL certificate?

The published web application to check the safety.

Check whether a host's certificate needs replacement

On February 29 2020, Let's Encrypt discovered a bug in how we recheck CAA records at issuance time. Details are…

checkhost.unboundtest.com

And, I also published application has same function using above web application.

Let's Encrypt Domain Checker | WWW.JANGWOOK.NET

Let’s Encrypt announced that there is bug in CAA code. It’s application for checking safety of your SSL certificates.

www.jangwook.net

Ssl Certificate
Lets Encrypt
Bugs
Toyproject

--

--

Jangwook Kim

Written by Jangwook Kim

90 Followers

Korean, live in Japan. The programmer. I love to learn something new things. I’m publishing my toy projects using GitHub. Visit https://www.jangwook.net.

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams