Millions of websites put at risk after encryption fault
Let's Encrypt has revoked over three million TLS certificates.
The Let's Encrypt project has announced that it will revoke more than three million TLS certificates after a bug was discovered in its Certification Authority Authorization (CAA) code.
The bug impacts the server software used by Let's Encrypt, called Boulder, which allows the project to verify users and their domains before a TLS certificate can be issued. Let's Encrypt has decided to revoke the TLS certificates because the implementation of the CAA specification inside Boulder was affected by the bug.
CAA is a security standard that was approved back in 2017. It allows domain owners to prevent the organizations that issue TLS certificates, called Certificate Authorities (CAs), from issuing certificates for their domains.
By adding a “CAA field” to a domain's DNS records, a domain owner can make it so that only the CA listed in the CAA field has the ability to issue a TLS certificate for their domain. Certificate Authorities, such as Let's Encrypt, are required to follow the CAA specification exactly or they could risk facing penalties from browser makers.
Revoking TLS certificates
After becoming aware of the issue, Let's Encrypt engineer Jacob Hoffman-Andrews disclosed the fact that a bug in Boulder had led the server software to ignore CAA checks in a forum post, saying:
“The bug: when a certificate request contained N domain names that needed CAA rechecking, Boulder would pick one domain name and check it N times. What this means in practice is that if a subscriber validated a domain name at time X, and the CAA records for that domain at time X allowed Let’s Encrypt issuance, that subscriber would be able to issue a certificate containing that domain name until X+30 days, even if someone later installed CAA records on that domain name that prohibit issuance by Let’s Encrypt.”
The Let's Encrypt project worked quickly to patch the bug over the weekend and Boulder is now able to verify CAA fields properly before issuing any new certificates. Thankfully, it is very unlikely that someone exploited the bug, according to the project.
As of today, the Let's Encrypt project has revoked all of the certificates that were issued without proper CAA checks. Now all of the impacted certificates will trigger security errors in browsers until domain owners make a request for a new TLS certificate to replace the old one.
Want to get the best solution for your business?
At Tristar Tech Solutions, we take a realistic approach to technology – ensuring our client’s systems are best protected.
If you have any concerns, questions or simply want to explore how to better secure your business, please do get in touch with the team for a FREE demonstration, consultation to explore how exposed your business might be and identify actions to take.
To book a consultation or to arrange a further discussion, please get in touch.