Today Let's Encrypt announced that they would revoke a batch of certificates issued due to a bug in their CAA code. Let's Encrypt provided a list of all certificates impacted. After comparing this list to the Let's Encrypt certificates requested by DNSimple, we have found a small number of certificates that were issued to our customers that will be revoked.
We are addressing this issue by taking the following steps:
If you use our HTTPS redirector for URL forwarding then you will not need to take any action, our system will automatically handle the distribution of the new certificates and start using the new certificate as soon as it is issued. The revoked certificate will be ignored.
If you use one of the impacted Let's Encrypt certificates on servers you operate, then you will need to install the new certificate bundle once the certificate is issued. You will find the new certificate in your account. If you listen to our webhooks, we will be sending a
certificate.issue with the new certificate once available in your account for download.
If you have any questions, please contact us and we will be happy to help.
I break things so Simone continues to have plenty to do. I occasionally have useful ideas, like building a domain and DNS provider that doesn't suck.
Get a free limited-edition t-shirt featuring the characters of howdns.works and howhttps.works with any new yearly subscription to DNSimple.
Configure HTTPS redirects with our easy-to-use DNSimple Redirector and a certificate from your DNSimple account.