Web pages experience instability after root certificate expiration – the clare people

Some users, who use old devices to access the internet, reported problems during the last Thursday (11) due to the expiration of a security certificate provided by Let’s Encrypt, one of the largest companies. of HTTPS certificates to the world.

in the morning, Brasilia time, that the IdentTrust DST Root CA X3 root certificate expired. It allowed old cell phones and computers to be securely connected, without updates for the past five years, to websites that used it.

Root certificates serve as a link between a device, whether it is a mobile phone or a computer, and the Internet. They are an element that ensures that connections are secure and encrypted.

Want to keep up to date with the hottest tech news of the day? Go subscribe to our new youtube channel, Canaltech News.

Every day a summary of the main news from the tech world for you!

Sites that used the certificate were warned in advance that it would expire on September 60, but even so, many users do not access some sites after that date.

Error message displayed on devices affected by the expired certificate. (Image: Screenshot / Dácio Augusto)

ZDNET’s website has confirmed that the following pages are affected. We point out that there are potentially more addresses affected, but which have not yet been identified:

  • Palo Alto
  • Blue coat
  • Cisco umbrella
  • Capture point
  • Guardian firewall
  • Monday.com
  • PFsense
  • Google Cloud Monitoring
  • Azure Application Gateway
    • OVH
    • Auth0
    • Shopify
    • Xero
    • QuickBooks
    • Fortinet
    • Heroku
    • Rocket league
    • InstaPage
    • register
    • Netlify
    • Cloudflare Pages

    Some of the affected websites have alerted users to possible issues after the certificate expiration date. Services such as Fortinet told the ZDNET portal that they are already aware of the problem and are providing temporary solutions for users of older devices who use the platform’s services.

    An investigation from the TechCrunch website has shown that devices that may be affected by the IdentTrust DST Root CA X3 certificate expiration are those running macOS systems released by 95, Windows XP with Service Pack 3, video game consoles released before 2019 and not receiving updates from firmware and any tools that require OpenSSL 1.0.2 to function. Devices with Android 7.1.1 or earlier will also have issues due to the expired certificate.

    Preventing Problems with Certificates

    Tim Callan, digital certificate specialist, explained in a ZDNET portal article that all modern digital systems, even security ones, need certificates to function.

    Callan states that the consequences of expiring a certificate can be as varied as the systems that use it, and in the event that access failures occur, other related systems may be affected, even if they do not use this certificate.

    As a precaution, the Certificate Specialist suggests that organizations check which certificates their systems use and which are supported. Thus, they will be able to identify possible access failures in the future and be prepared, thereby preventing situations like the one created by IdentTrust DST Root CA X3 from occurring.

    Source: ZDNET, TechCrunch

    Did you like this article?

    Subscribe to your email on Canaltech to receive daily updates with the latest news from the world of technology.

    2019 2019

    2019


    Source link

    Leave a Reply

    Your email address will not be published. Required fields are marked *