Trouble connecting to Mail
Solution: Do a Firmware Upgrades of any IP Phones and make sure your web browsers are all up to date.
Problem: Let’s Encrypt’s root certificate has expired, and it might break your devices
One of the largest providers of HTTPS certificates, Let’s Encrypt, saw its root certificate expire this week — meaning you might need to upgrade your devices to prevent them from breaking.
Let’s Encrypt, a free-to-use nonprofit, issues certificates that encrypt the connections between your devices and the wider internet, ensuring that nobody can intercept and steal your data in transit. Millions of websites alone rely on Let’s Encrypt. But, as warned by security researcher Scott Helme, the root certificate that Let’s Encrypt currently uses — the IdentTrust DST Root CA X3 — was set to expire on September 30. After expiry, computers, devices and web clients — such as browsers — will no longer trust certificates that have been issued by this certificate authority.
For the overwhelming majority of website users, there is nothing to worry about and September 30 will be business as usual. Older devices, however, could run into some trouble, much like they did when the AddTrust External CA Root expired back in May. Stripe, Red Hat and Roku all suffered outages as a result.
“Given the relative size difference between Let’s Encrypt and AddTrust, I have a feeling that the IdenTrust root expiry has the potential to cause more problems,” Helme warned in a blog post, referring to the upcoming expiry.
Devices likely to be affected by the certificate expiry are those that don’t get updated regularly, like embedded systems that are designed not to automatically update or smartphones running years-old software releases. Users running older versions of macOS 2016 and Windows XP (with Service Pack 3) are likely to face issues, along with clients dependent on OpenSSL 1.0.2 or earlier, and older PlayStations that haven’t been upgraded to newer firmware.