A couple of weeks back, we saw some big-name websites impacted by the expiration of a root certificate provided by a major SSL provider, Lets Encrypt.
Lets Encrypt is known for their offering of free SSLs.
Certificates that had been issued by an expired root certificate would not be trusted anymore. Let’s Encrypt tried to mitigate issues caused by the expiration of the root certificate through a new cross-signed root certificate (that is valid until September 30, 2024. Whilst there does appear to have been plenty of advanced warning from Lets Encrypt to its customers about its pending expiry on 30 Sept 2021 and how to move to a new root certificate, it still impacted major companies.
It was expected that the expired root certificate problem would be limited to devices bought before 2017 that use the Let’s Encrypt digital certificate and haven’t updated their software. However, many users faced issues last week despite having up-to-date devices and software.
Whilst Lets Encrypt offers free SSLs, that appear to be secure, it’s still important to ensure that your company has the right SSLs in place for your critical websites. That may mean budgeting for SSLs certificates, however having that peace of mind and knowing your websites are secure, outweighs the risk experienced by Lets Encrypt certificates.
At brandsec we offer multiple SSL solutions from Digicert, Sectigo and Thawte. Talk to Brandsec on how we can assist with SSL management and work with you to implement the right solution for your business.
Brandsec is a corporate domain name management and brand protection company that look after many of Australia, New Zealand and Asia’s top publicly listed brands. We provide monitoring and enforcement services, DNS, SSL Management, domain name brokerage and dispute management and brand security consultation services.