• Overview
    • Django
    • Next.js
    • Drupal
    • WordPress
    • Symfony
    • Magento
    • See all frameworks
    • Observability
    • Auto-scaling
    • Marketing Teams
    • Retail
    • Higher Education
  • Pricing
  • Featured articles
    • Switching to Platform.sh can help IT/DevOps organizations drive 219% ROI
    • Organizations, the ultimate way to manage your users and projects
  • Support
  • Docs
  • Contact
  • Login
  • Free Trial
Cover image

Let's Encrypt mis-issued certificates

February 03, 2022

On Tuesday 25 January 2022, Let's Encrypt was notified of a compliance issue with their "TLS Using ALPN" validation method (TLS-ALPN-01).

Even though Let's Encrypt fixed the issue, all certificates generated before 00:48 UTC on 26 January 2022 were considered mis-issued. In compliance with the Let’s Encrypt CP, they began to revoke mis-issued certificates at 16:00 UTC on 28 January 2022.

What's the impact for Platform.sh customers

There are multiple methods (aka “challenges”) available (HTTP-01, DNS-01, TLS-SNI-01, and TLS-ALPN-01) for generating a Let's Encrypt certificate. Because TLS-ALPN-01 method isn't used at Platform.sh, no impact is expected for our customers.

What are the different challenge types

All the challenge types are documented here: https://letsencrypt.org/docs/challenge-types/

What's Let's Encrypt

A service provided by the Internet Security Research Group (ISRG), Let’s Encrypt is a free, automated, and open certificate authority (CA) run for the public’s benefit.

Get the latest Platform.sh news and resources

Related Content

Don’t be held to ransom: Security awareness with Platform.sh

Don’t be held to ransom: Security awareness with Platform.sh

AboutSecurity and complianceTrust CenterBoard and investorsCareersPressContact us
Leader Winter 2023
System StatusPrivacyTerms of ServiceImpressumWCAG ComplianceManage your cookie preferencesReport a security issue
© 2023 Platform.sh. All rights reserved.
Supported by Horizon 2020's SME Instrument - European Commission 🇪🇺