Follow

Letsencrypt is going to revoke 3,048,289 certificates tomorrow that "may" have been wrongfully issued due to a wrong CAA DNS check.

To check if you're affected, and need to re-issue certs (before tomorrow!), check here:

letsencrypt.org/caaproblem/

@dansup Anyone affected should have received an email too.

@dansup I force-renewed all certs, it was faster than checking whether I am affected or not or to wait for an email.

They are revoking on March 4 at 00:00 UTC, which is in... less than 3 hours?

@dansup tbh it's easier to just re-issue certs

Après vérifications, le domaine et les sous-domaines de #FédiQuébec sont "OK" à ce sujet.
"It is not one of the certificates affected by the Let's Encrypt CAA rechecking problem."
#LetsEncrypt

@dansup as easy way to check for invalid domains with letsencrypt: $ curl -d 'fqdn=example.com' checkhost.unboundtest.com/chec

Sign in to participate in the conversation
Mastodon

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!