Some well-known websites could stop functioning properly on Wednesday, 4 March, after a bug was found in the digital certificates used to secure them, the BBC reported last night.The organisation that issues the certificates revealed that three million need to be immediately revoked.
Visitors to affected sites will be greeted with an alert warning them the site is insecure. One expert said the issue could result in a “loss of trust”. In a notification email to its clients, the organisation said: “We recently discovered a bug in the Let’s Encrypt certificate authority code.
“Unfortunately, this means we need to revoke the certificates that were affected by this bug, which includes one or more of your certificates. To avoid disruption, you’ll need to renew and replace your affected certificate(s) by Wednesday, March 4, 2020. We sincerely apologise for the issue.”
🔑Let's Encrypt will revoke 3 million TLS/SSL certificates in a few hours because of a bug (4 march 00:00 CET) .
⚠️ You should check if you are affected now using https://t.co/nGoWc2bqao otherwise your website won't be accessible ⚠️
Source: https://t.co/TMBfSXU2C8 #letsencrypt
— Tristan (@sf_tristanb) March 3, 2020
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.