Skip to main content

Millions of websites may need to refresh security certificates

(Image credit: Image Credit: Geralt / Pixabay)

Millions of websites could today malfunction due to a bug in their security certificates.

Let's Encrypt, a non-profit that issues web certificates (small pieces of code that ensure the traffic between the visitor and the website remains encrypted), has warned its clients of a bug in the certificate's authority code.

The administrators of the affected websites were told the following:

"To avoid disruption, you'll need to renew and replace your affected certificate(s) by Wednesday, March 4, 2020. We sincerely apologise for the issue."

Visitors to websites that fail to replace their certificates will be greeted with a security warning. According to the BBC, some webmasters complained Let’s Encrypt only gave its clients around an hour’s notice.

Alan Woodward, a professor of computer science at Surrey University, told the BBC  the company acted “responsibly” by notifying its clients of the bug, but that uncertainty still looms.

"Nobody knows how they will deal with it. Businesses will have to apply for a new certificate so there could be an interruption to services which will result in a loss of trust," he said.

 A total of three million certificates were pulled as a result of the bug.