Let’s Encrypt revokes a large number of SSL certificates

Schutz vor Ransomware mit einem Fully-Encrypted Lifecycle Management

Let's Encrypt revokes a large number of SSL certificates

By Kevin Bocek, Vice President, Security Strategy &Threat Intelligence at Venafi

Kevin Bocek, VP Security Strategy and Threat Intelligence at Venafi

The Let’s Encrypt certificate authority has gained a lot of popularity among developers in recent years, as it provides them with a quick, free and easy way to issue TLS machine identities for all types of important web services – from websites to customer applications. Our recent crawler report with Scott Helme shows that Let’s Encrypt now provides millions of active certificates – 28 percent of the top 1 million websites use the service. So if Let’s Encrypt suddenly has to revoke millions of certificates – as is currently the case – then this can lead to major upheavals and endanger critical services, as companies have to find and reissue tens of thousands of computer identities within just two days. Doing this manually is next to impossible and very prone to potentially costly errors – even more so when you consider that companies could have more than 57,000 computer identities that they are not even aware of. To protect themselves from such increasingly common events, security teams should automate the management of computer identities. In this way, you save your computers from the need for manual rotation, replacement and license revocation and do not have to fear the consequences if misconfigurations such as those of Let’s Encrypt occur.

Outsourced software development company | Outstaffing services

Ready to see us in action:

More To Explore

Enable registration in settings - general
Have any project in mind?

Contact us: