Let's Encrypt CAA Rechecking Incident

Let's Encrypt basically secures the internet. Hosting As A Service companies like Google Cloud, Amazon Web Services, Heroku all use them to issue certificates. Let's Encrypt just celebrated issuing 1 billion certificates!

Recently, they found a bug which makes some of these certificates less secure. So they are revoking 3,048,289 certificates. It goes into affect March 4, 2020.

So if you are an affected user, you may visit your website or company intranet after that date and be shown a scary certificate warning.

Let's Encrypt has tried to contact affected users if they had valid information on file.

To check to see if one of your domains is vulnerable, you can open a Terminal on Mac or Linux and paste in the following:

DOMAINS=( www.example.com letsencrypt.org ); for DOMAIN in "${DOMAINS[@]}"; do curl -XPOST -d "fqdn=$DOMAIN" https://unboundtest.com/caaproblem/checkhost; done

Above checks www.example.com and letsencrypt.org. Change the domains to suite your needs. Add as many websites as they want followed by a space (there must be a space before and after the parentheses).

For more information on the incident, visit https://letsencrypt.org/caaproblem/.

navigate_before navigate_next
Home Approach Focus Case Studies People Careers Blog Contact