1.7 million SSL certificates issued free of charge by Let’s Encrypt had to be revoked due to an incorrect verification of the CAA DNS record. Until further notice, another 1.3 million certificates remain valid. This message is currently in the media causing some uncertainty. We have summarized the most important questions for you:
How are websites with invalid certificates displayed in browsers?
“Not secure” warnings in the browser bar can lead to loss of traffic and therefore to loss of revenue – immediate action is highly recommended.
How can you have a new certificate issued for affected websites?
There is no uniform solution on the part of Let’s Encrypt – individual solutions need to be detected.
Why were you (probably) not informed directly by Let’s Encrypt?
When using Let’s Encrypt certificates, it’s not necessary to provide a contact email address. Only some of the affected users were informed – the problem was detected too late and web admins only had 24 hours to react. Let’s Encrypt is a free, automated and open certificate authority that offers no support.
Better protected and well informed
We inform you proactively and reliably about innovations, changes, updates and offer fast support.
Our recommended course of action
There is nothing to do from your side because EnterCloud keeps your server’s software up to date so you always have the latest security patches.