One of the world’s most popular SSL certificate providers, widely known for issuing free SSL certificates to websites, is facing some challenges.
Let’s Encrypt, the non-profit certificate authority run by the Internet Security Research Group (ISRG) that provides X.509 certificates for Transport Layer Security (TLS) encryption at no charge, is dealing with the fallout of a software bug.
Because of a bug discovered in its backend code today, the Let’s Encrypt project will revoke more than three million TLS certificates.
Boulder, the server software Let’s Encrypt uses to verify users and their domains before issuing a TLS certificate, was affected by the bug. Specifically, the bug sat in Boulder’s implementation of the CAA (Certificate Authority Authorization) specification.
The CAA security standard was approved in 2017. It lets domain owners restrict which Certificate Authorities (CAs), the organizations that issue TLS certificates, may issue certificates for their domains.
A domain owner adds a CAA record to the domain’s DNS records, and a TLS certificate for that domain can then only be issued by a CA listed in that record.
Browser makers can impose heavy penalties on any Certificate Authority, Let’s Encrypt included, that does not follow the CAA specification to the letter.
“The bug: when a certificate request contained N domain names that needed CAA rechecking, Boulder would pick one domain name and check it N times. What this means in practice is that if a subscriber validated a domain name at time X, and the CAA records for that domain at time X allowed Let’s Encrypt issuance, that subscriber would be able to issue a certificate containing that domain name until X+30 days, even if someone later installed CAA records on that domain name that prohibit issuance by Let’s Encrypt,” Let’s Encrypt explained in a forum post on Saturday, February 29, after disclosing that a bug in Boulder caused CAA checks to be skipped.
The Let’s Encrypt team patched the bug on Saturday during a two-hour maintenance window. Boulder now verifies CAA records properly before issuing new certificates.
The project also said it considers it highly unlikely that anyone deliberately exploited the bug.
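The miscount the quoted post describes, as an added Go example that is not Boulder’s code: a request with N names should have each name rechecked against its current CAA records, but the buggy loop rechecks the same name N times, so a CAA record that a domain owner published after validation for any other name in the request is never seen. The caaPolicy map standing in for DNS, the authz struct, the recheck age threshold and all domain names are constructed for this example; the page does not give Boulder’s actual root cause, so the index error here illustrates the symptom only.

```go
package main

import (
	"fmt"
	"time"
)

// caaPolicy is a constructed stand-in for a live DNS CAA lookup. It maps a
// domain name to whether its current CAA records permit issuance by this CA.
// A name with no entry has no CAA record, which permits any CA to issue.
type caaPolicy map[string]bool

func (p caaPolicy) allows(name string) bool {
	allowed, present := p[name]
	return !present || allowed
}

// authz is a constructed model of a domain authorization: the name and the
// time at which control of it was validated.
type authz struct {
	name        string
	validatedAt time.Time
}

// needsCAARecheck reports whether an authorization is old enough that CAA
// must be consulted again before issuance. maxAge is a parameter here because
// the page does not state the threshold Boulder uses.
func needsCAARecheck(a authz, now time.Time, maxAge time.Duration) bool {
	return now.Sub(a.validatedAt) > maxAge
}

// namesNeedingRecheck picks out the names whose authorization is stale.
func namesNeedingRecheck(authzs []authz, now time.Time, maxAge time.Duration) []string {
	var names []string
	for _, a := range authzs {
		if needsCAARecheck(a, now, maxAge) {
			names = append(names, a.name)
		}
	}
	return names
}

// recheckBuggy reproduces the symptom the post describes: for N names it
// checks a single name N times, so the other N-1 names are never rechecked.
func recheckBuggy(names []string, policy caaPolicy) []string {
	var failed []string
	for i := 0; i < len(names); i++ {
		name := names[0] // wrong: always the first name instead of names[i]
		if !policy.allows(name) {
			failed = append(failed, name)
		}
	}
	return failed
}

// recheckFixed checks every name in the request, which is what the
// post-patch behaviour requires.
func recheckFixed(names []string, policy caaPolicy) []string {
	var failed []string
	for _, name := range names {
		if !policy.allows(name) {
			failed = append(failed, name)
		}
	}
	return failed
}

func main() {
	now := time.Date(2020, time.March, 1, 12, 0, 0, 0, time.UTC)
	// Constructed timestamps: two names validated days ago, one two hours ago.
	authzs := []authz{
		{"a.example", now.Add(-5 * 24 * time.Hour)},
		{"b.example", now.Add(-20 * 24 * time.Hour)},
		{"c.example", now.Add(-2 * time.Hour)},
	}
	// After validation, b.example's owner published a CAA record that
	// excludes this CA.
	policy := caaPolicy{"b.example": false}

	names := namesNeedingRecheck(authzs, now, 8*time.Hour)
	fmt.Println("names to recheck:", names)
	fmt.Println("buggy recheck rejects:", recheckBuggy(names, policy))
	fmt.Println("fixed recheck rejects:", recheckFixed(names, policy))
}
```

Run as written, the buggy check reports nothing to reject, while the fixed check rejects b.example, which is exactly the window the post describes between the original validation and the later CAA record.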
Active Measures Being Taken By Let’s Encrypt
Yesterday, the Let’s Encrypt project announced that, as the CA/B Forum rules dictate, it will revoke all certificates that were issued without proper CAA checks.
Let’s Encrypt engineers have reportedly said that only 2.6% of the currently active 116 million TLS certificates were affected by the issue, which comes to 3,048,289 certificates.
They put the actual number of affected SSL certificates at roughly two million, since about one million of the three million are duplicates issued for the same domain or subdomain.
“Because of the way this bug operated, the most commonly affected certificates were those that are reissued very frequently, which is why so many affected certificates are duplicates,” Let’s Encrypt engineers explained today on a FAQ page dedicated to the incident.
Let’s Encrypt plans to revoke all affected certificates starting at 00:00 UTC on March 4, 2020.
After that date, all affected certificates will trigger errors in browsers and other applications, so affected domain owners are advised to request a new TLS certificate and replace the old one. Security experts, however, believe it is better for all webmasters to reissue their SSL certificate as an extra precaution.
Let’s Encrypt said it has notified affected domain owners by email, although not all users provided a valid contact address.
Current users of Let’s Encrypt certificates can consult a list of affected TLS certificate serial numbers on this page. They can also visit this website and enter their domain name to check whether their certificate is one of those affected.
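One way to check a certificate on disk against a published list of serial numbers, as an added Go example that is not a Let’s Encrypt tool: it reads the serial from a PEM certificate and compares it with the list entries after normalizing both to lowercase hex without separators, so copy-and-paste differences in case or colons do not cause a miss. The list entries and the self-signed test certificate are constructed for the example, and the assumption that the published list is hex-encoded is the example’s own; the page only says it is a list of serial numbers.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"fmt"
	"math/big"
	"strings"
	"time"
)

// normalizeSerial turns a serial written as hex, with or without colon or
// space separators, in either case and with or without a 0x prefix, into
// lowercase hex of even length, so a value copied from a list compares
// equal to one read from a certificate.
func normalizeSerial(s string) string {
	s = strings.ToLower(strings.TrimSpace(s))
	s = strings.NewReplacer(":", "", " ", "").Replace(s)
	s = strings.TrimPrefix(s, "0x")
	if len(s)%2 == 1 {
		s = "0" + s
	}
	return s
}

// serialFromPEM parses the first CERTIFICATE block in pemBytes and returns
// its serial number in normalized hex.
func serialFromPEM(pemBytes []byte) (string, error) {
	block, _ := pem.Decode(pemBytes)
	if block == nil || block.Type != "CERTIFICATE" {
		return "", fmt.Errorf("no CERTIFICATE block found")
	}
	cert, err := x509.ParseCertificate(block.Bytes)
	if err != nil {
		return "", err
	}
	return normalizeSerial(cert.SerialNumber.Text(16)), nil
}

// isAffected reports whether the certificate's serial appears in list.
func isAffected(pemBytes []byte, list []string) (bool, error) {
	serial, err := serialFromPEM(pemBytes)
	if err != nil {
		return false, err
	}
	set := make(map[string]struct{}, len(list))
	for _, s := range list {
		set[normalizeSerial(s)] = struct{}{}
	}
	_, hit := set[serial]
	return hit, nil
}

// makeTestCert builds a throwaway self-signed certificate with the given
// serial so the check can be exercised offline. Constructed for this
// example only; in practice you would read the certificate file you deployed.
func makeTestCert(serial *big.Int) ([]byte, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: serial,
		Subject:      pkix.Name{CommonName: "example.test"},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		DNSNames:     []string{"example.test"},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	return pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der}), nil
}

func main() {
	// Constructed entries standing in for the published serial list.
	affectedList := []string{"03:A1:B2:C3:D4:E5:F6", "1f2e3d4c5b6a"}
	serial, _ := new(big.Int).SetString("03a1b2c3d4e5f6", 16)
	pemBytes, err := makeTestCert(serial)
	if err != nil {
		panic(err)
	}
	hit, err := isAffected(pemBytes, affectedList)
	if err != nil {
		panic(err)
	}
	fmt.Println("certificate affected:", hit)
}
```

The normalization step matters because a serial printed by one tool as `03:A1:...` and by another as `3a1...` is the same number; comparing raw strings would report a false negative for a certificate that is actually on the list.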
Let’s Encrypt has become one of the most successful CAs to date; just last week it announced that it had issued its one-billionth TLS certificate, all of them free of charge.
Although platform-specific bugs have surfaced now and then, the project has stayed free of any major incident of abuse over its five-year run. This incident is the first time Let’s Encrypt has had to revoke certificates. Still, many of its users are likely to look the other way, since the project provides its certificates for free.