Jump to content

Digicert to Crowdstrike - Hold My Beer

Draconator

By Draconator
in Off the Wall

 Share

Recommended Posts

Draconator Veteran

Draconator

Posted
Posted

Digicert made a oopsie. They had an error in their Domain Name Validation for each and every cert they issued from June 8th and before. 

So what do they do? They decided to invalidate all certs issued by them before June 8th. 

They gave 15-hour notice to all companies worldwide that they would need to update their certs, or they would be invalidated and domains would go down. (July 30th, 3:00 pm EDT. Notice was given at 11:00 pm July 29th).

A couple of companies got together and filed a temporary restraining order against Digicert to stop the invalidating of certs. Through lawyers, Digicert now has a deadline for everyone to refresh certs by 3:00 pm EDT today (July 31st). Companies can file an extension until August 3rd. 

 

To say it's been a cluster f is a gross understatement.

  • Like (+1) 1
  • Shocked 1
Link to comment
Share on other sites
Draconator Veteran

Draconator

Posted
  • Author
Posted
21 minutes ago, Johnny Hammersticks said:

https://www.bleepingcomputer.com/news/security/digicert-mass-revoking-tls-certificates-due-to-domain-validation-bug/amp/
 

For those of you who need CliffsNotes.  I read the OP twice and still didn’t fully understand what this was about.

I was working on my day off. This is a massive company effort where I work. My manager was on-line for 26 hours straight. 

 

So just a bit tired we all are.

  • Like (+1) 1
Link to comment
Share on other sites
Ridgewaycynic2013 Hall of Famer

Ridgewaycynic2013

Posted
Posted
4 minutes ago, Draconator said:

I was working on my day off. This is a massive company effort where I work. My manager was on-line for 26 hours straight. 

 

So just a bit tired we all are.

Pizza party on Friday!

*
(Mandatory $10 donation.) 😐

  • Haha (+1) 2
Link to comment
Share on other sites
The Poojer Hall of Famer

The Poojer

Posted
Posted

That explains some little bugs i saw in our ERP communication as well as other systems today

 

11 hours ago, Draconator said:

Digicert made a oopsie. They had an error in their Domain Name Validation for each and every cert they issued from June 8th and before. 

So what do they do? They decided to invalidate all certs issued by them before June 8th. 

They gave 15-hour notice to all companies worldwide that they would need to update their certs, or they would be invalidated and domains would go down. (July 30th, 3:00 pm EDT. Notice was given at 11:00 pm July 29th).

A couple of companies got together and filed a temporary restraining order against Digicert to stop the invalidating of certs. Through lawyers, Digicert now has a deadline for everyone to refresh certs by 3:00 pm EDT today (July 31st). Companies can file an extension until August 3rd. 

 

To say it's been a cluster f is a gross understatement.

  • Like (+1) 1
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
 Share
Go to topic listing
×
×
  • Create New...