Let’s Encrypt certificate authority (CA) is going to revoke over 3 million certificates today due to a vulnerability in software used to verify users and their domains before issuing a certificate.
A bug in Let’s Encrypt’s certificate authority (CA) software, dubbed Boulder, caused the correct validation for some certificates.
The bug impacted the way the CAA (Certificate Authority Authorization) specification is implemented by the Boulder.
The CAA security feature allows domain owners to prevent Certificate Authorities (CAs) to issue certificates for their domains.
Domain owners can add a “CAA field” to their domain’s DNS records, this implies that only the CA included in this field can issue a TLS certificate for that domain.
Every CA must check CAA records at most 8 hours before a certificate is issued for a certain domain, but the bug caused a domain on a multi-domain certificate to be checked numerous times rather than all the domains on the certificate being checked at the same time.
This behavior caused certificates to be issued without the proper CAA list
“Let’s Encrypt found a bug in our CAA code. Our CA software, Boulder, checks for CAA records at the same time it validates a subscriber’s control of a domain name. Most subscribers issue a certificate immediately after domain control validation, but we
“The bug: when a certificate request contained N domain names that needed CAA
Let’s Encrypt is revoking 3,048,289 certificates, ~116 million certificates (2.6%) are active.
The organization confirmed the bug at 2020-02-29 03:08 UTC, and two minutes later halted issuance. In a couple of hours (05:22 UTC) it fixed the problem and re-enabled issuance.
According to Let’s Encrypt, the bug was likely introduced on 2019-07-25.
Users can check if their domain is affected by this bug querying the tool at https://checkhost.unboundtest.com/.
More information about the bug is available here.
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, Let’s Encrypt)
[adrotate banner=”5″]
[adrotate banner=”13″]