Let's Encrypt Soon to Revoke Millions of Active Certificates
According to a recent Mozilla Bugzilla post, Let's Encrypt has issued millions of active certificates without properly performing CAA checks. Users of Let's Encrypt multi-domain SSL certificates need to act as if their certificates are affected.
According to the post, the CAA-checking flaw is triggered when a new CAA record is created for a domain that was already authorized for an existing Let's Encrypt certificate, and a second certificate request then reaches Let's Encrypt between eight hours and thirty days later. The certificates now due for revocation were issued under those circumstances.
It appears very difficult for subscribers to determine whether their multi-domain LE certificates will be part of this revocation. Knowing would require the exact timing of changes to the CAA record and of certificate issuance, at a very precise level of detail. It may not be practical for Let's Encrypt to make these determinations either, since the present state of a CAA record does not indicate what the record contained when a given certificate was issued.
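To make those timing conditions concrete, here is an added Python model (not code from the original post or from Let's Encrypt) of the reconstruction a subscriber would need to do. It assumes you have kept per-name authorization timestamps and a history of your CAA record changes, and uses constructed sample data; the eight-hour and thirty-day limits are the ones stated above.

```python
from datetime import datetime, timedelta

# Policy as described in the post: an authorization may be reused for up to
# 30 days, but CAA must be re-checked when issuance is more than 8 hours later.
RECHECK_AFTER = timedelta(hours=8)
AUTHZ_REUSE = timedelta(days=30)
CA_ID = "letsencrypt.org"  # CAA issuer-domain-name used for Let's Encrypt

def caa_allows(records, ca=CA_ID):
    """RFC 8659 'issue' evaluation for a non-wildcard name: no 'issue' records
    means any CA may issue; otherwise the CA must be named (';' names none)."""
    issue_values = [value for tag, value in records if tag == "issue"]
    if not issue_values:
        return True
    return any(v.split(";")[0].strip() == ca for v in issue_values)

def caa_at(history, when):
    """CAA record set in force at 'when', given (change_time, records) pairs in
    chronological order; empty (no CAA published) before the first change."""
    current = []
    for changed, records in history:
        if changed <= when:
            current = records
    return current

def recheck_exposure(cert, authz, caa_history):
    """Names in 'cert' whose authorization was older than 8h at issuance (so a
    CAA re-check was due) and whose CAA set changed between authorization and
    issuance, each paired with whether the CAA set at issuance permitted LE."""
    hits = []
    for name in cert["sans"]:
        age = cert["issued"] - authz[name]
        if not RECHECK_AFTER < age <= AUTHZ_REUSE:
            continue  # fresh authz (<8h) or expired reuse: no silent re-check
        history = caa_history.get(name, [])
        at_authz, at_issue = caa_at(history, authz[name]), caa_at(history, cert["issued"])
        if at_issue != at_authz:
            hits.append((name, caa_allows(at_issue)))
    return hits

# Constructed sample: both names validated at T0; api.example.test later
# publishes a CAA record naming a different CA.
T0 = datetime(2020, 2, 1, 9, 0)
AUTHZ = {"www.example.test": T0, "api.example.test": T0}
CAA_HISTORY = {"api.example.test": [(T0 + timedelta(hours=12), [("issue", "other-ca.example")])]}
CERT_A = {"issued": T0 + timedelta(hours=2), "sans": list(AUTHZ)}  # no re-check due
CERT_B = {"issued": T0 + timedelta(days=3), "sans": list(AUTHZ)}   # re-check was due
```

For CERT_B the model reports api.example.test as issued after a CAA change that no longer permitted Let's Encrypt, which is exactly the data point a subscriber without an authorization and CAA change log cannot reconstruct.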
The post doesn't state how LE intends to determine which multi-domain certificates were affected. I have to wonder if it's possible to make such a determination with confidence and suspect that LE will ultimately be forced to revoke all active multi-domain certificates issued before the bug fix was in place. To be safe, subscribers should act as if all multi-domain SSL certificates from Let's Encrypt are due for revocation in the next four days.
Recent years have seen an increase in the frequency and scope of forced revocations caused by mismatches with published industry requirements. Automated certificate discovery, deployment, and replacement are essential safeguards against the outages such a revocation event can cause. Organizations that use certificates in volume need to treat certificate automation as a must-have capability to maximize uptime.