CAA bug forces Let’s Encrypt to revoke millions of certificates

Over the past decades, vast swathes of the Internet have moved to encryption. Web traffic was a bit of an issue for a lot of website owners because companies charged quite a bit of money for SSL certificates, but that changed a couple of years ago with the arrival of Let's Encrypt. This non-profit has Google, Facebook, Mozilla, Cisco, and others, as its sponsor and offers businesses and the general public free-to-use certificates.

Unfortunately, a bug in Let's Encrypt CAA (Certification Authority Authorization) code has forced the firm to revoke certificates. All Let's Encrypt certificates that might not have had proper CAA record checking will be revoked today.

Website owners will need to manually force renewal, otherwise browsers will start displaying TLS security warnings. Some website hosts will do this automatically for you.

Let's Encrypt uses Certificate Authority software called Boulder. Typically, a Web server that services many separate domain names and uses Let's Encrypt to secure them receives a single LE certificate that covers all domain names used by the server rather than a separate cert for each individual domain.

The bug LE discovered is that, rather than checking each domain name separately for valid CAA records authorizing that domain to be renewed by that server, Boulder would check a single one of the domains on that server n times (where n is the number of LE-serviced domains on that server). Let's Encrypt typically considers domain validation results good for 30 days from the time of validation—but CAA records specifically must be checked no more than eight hours prior to certificate issuance.

In total, just over 3 million certificates are affected by this bug.

Via: ARS Technica