The most popular free certificate signing authority Let’s Encrypt is going to revoke more than 3 million TLS certificates within the next 24 hours that may have been issued wrongfully due to a bug in its Certificate Authority software.
The bug, which Let’s Encrypt confirmed on February 29 and was fixed two hours after discovery, impacted the way it checked the domain name ownership before issuing new TLS certificates.
As a result, the bug opened up a scenario where a certificate could be issued even without adequately validating the holder’s control of a domain name.
The Certification Authority Authorization (CAA), an internet security policy, allows domain name holders to indicate to certificate authorities (CAs) whether or not they are authorised to issue digital certificates for a specific domain name.
Let’s Encrypt considers domain validation results good only for 30 days from the time of validation, after which it rechecks the CAA record authorizing that domain before issuing the certificate. The bug — which was uncovered in the code for Boulder, the certificate signing software used by Let’s Encrypt — is as follows:
“When a certificate request contained N domain names that needed CAA rechecking, Boulder would pick one domain name and check it N times.” In other words, when Boulder needed to parse, for example, a group of 5 domains names that required CAA rechecking, it would check one domain name 5 times as opposed to checking each of the 5 domains once.
The company said the bug was introduced as part of an update back in July 2019.
This means that Let’s Encrypt might have issued certificates that it shouldn’t have in the first place, as a result of which it’s revoking all the TLS certificates that were affected by the bug.
The development comes as Let’s Encrypt project announced last week that it had issued its one-billionth free TLS certificate since its launch in 2015.
images from Hacker News