Here’s how SDN’s Managed Services team is keeping customers connected.
September 30th is being referred to by some as an Internet Blackout day. This event is being caused by an expired software certificate. The certificate plays a role in enhancing the security of internet communications. With its expiration, it may create gaps in security for a number of internet-connected devices.
Communication over the internet depends on reliable, secure channels. One of the technical methods for doing this is utilizing a software certificate to perform a level of encryption for that communications channel. This is what happens when we visit a website that starts with “https” (the ‘s’ tells us it is secure).
“Let’s Encrypt” is a free certificate authority that generates these software certificates for some websites. Since its inception, it has grown to be the largest certificate issuer in the world. The certificate used by “Let’s Encrypt” expired today.
Our cross-signed DST Root CA X3 expired today. If you are hitting an error, check out fixes in our community forum. We're seeing higher than normal renewals, so you may experience a slowdown in getting your certificates. https://t.co/y4J4nNWBoU
— Let's Encrypt (@letsencrypt) September 30, 2021
The good news is that there is an updated certificate available; the bad news is the transition to the new certificate is not exactly a seamless process.
It takes time. While devices have the expired certificate in place, users will encounter issues with reaching some websites. The role of network security devices is to block what they deem as bad traffic. Traffic linked to an expired certificate is viewed as such.
SDN Communications saw this issue impact a number of its Managed Firewall customers today. Users were trying to reach standard websites and started receiving error messages. SDN staff worked with customers to confirm issues were due to an expired certificate.
To help prevent any negative impact to business operations, our staff has been able to implement a configuration change that allows them to function. Through consultation with our customers, we are able to educate them on the potential security impacts of allowing expired certificates and balance that with their company’s risk tolerance.