Incidents

Topic	Replies	Views	Activity
About the Incidents category	0	3071	January 9, 2016
2025.06.09 Deployed Unreviewed Boulder Code	0	154	June 18, 2025
2025.03.18 Early CRL Removal	1	352	March 25, 2025
2025.03.21Failure to Document Analysis of Detected Vulnerabilities	0	166	March 21, 2025
2024.09.27 No Meaningful Subject Distinguished Name	3	661	October 4, 2024
2024.03.28 CP/CPS Deviation Regarding keyCompromise Key Blocking	0	365	March 28, 2024
2023.06.15 Certificate Policies Extension Mismatch	4	2405	June 20, 2023
2022.11.08 End Entity CRLs Not Reissued On Time	0	588	November 16, 2022
API traffic from Plesk is blocked	1	1094	April 28, 2022
2022.01.29 Failure to provide OCSP Responses for some certificates	0	911	February 2, 2022
2022.01.25 Issue with TLS-ALPN-01 Validation Method	2	37837	February 2, 2022
Log4j vulnerability (CVE-2021-44228)	0	4697	December 11, 2021
2021.10.11 Certificate Mis-Issuance related to Internationalized Domain Names (IDN) formatting	0	1115	October 13, 2021
2021.09.07 Delay updating OCSP responses	2	1145	September 10, 2021
2021.06.09 Non-Revocation of Certificates from Previous Incident (certificate lifetimes)	0	1232	June 10, 2021
2021.06.08 Certificate Lifetime Incident (valid for an extra one second)	0	25969	June 9, 2021
2020.12.22 Failure to audit log subscriber certificate OCSP updates	0	1003	December 23, 2020
2020.09.08 Failure to renew OCSP responses within acceptable timelines	0	980	September 28, 2020
2020.06.08 Delegated OCSP Signer Expiration for Alternate Chains	0	1504	June 12, 2020
2020.02.29 CAA Rechecking Bug	3	138444	March 7, 2020
2019.11.17 Autoincrement maxed out	1	4226	November 23, 2019
2019.08.28 Let’s Encrypt OCSP Responder Returned “Unauthorized” for Some Precertificates	0	1830	August 29, 2019
2019.08.20 Incorrect OCSP responses under certain conditions	0	1366	August 27, 2019
2019.01.03 Donor Email Option Not Respected	0	1402	January 9, 2019
2018.11.30 Production Google CT Log Submission Failures	0	1849	December 18, 2018
2018.08.23 OCSP Responder Incident	0	2411	August 23, 2018
2018.07.30 Domain Resolution Interruption	0	3559	August 2, 2018
2018.05.29 Subscriber Email Address Disclosure	0	1880	May 30, 2018
2018.05.18 CAA tag value case sensitivity incident	0	1856	May 18, 2018
2018.03.12 Wildcard Certificate Encoding Issue	0	5842	March 13, 2018

About the Incidents category

0

3071

January 9, 2016

2025.06.09 Deployed Unreviewed Boulder Code

0

154

June 18, 2025

2025.03.18 Early CRL Removal

1

352

March 25, 2025

2025.03.21Failure to Document Analysis of Detected Vulnerabilities

0

166

March 21, 2025

2024.09.27 No Meaningful Subject Distinguished Name

3

661

October 4, 2024

2024.03.28 CP/CPS Deviation Regarding keyCompromise Key Blocking

0

365

March 28, 2024

2023.06.15 Certificate Policies Extension Mismatch

4

2405

June 20, 2023

2022.11.08 End Entity CRLs Not Reissued On Time

0

588

November 16, 2022

API traffic from Plesk is blocked

1

1094

April 28, 2022

2022.01.29 Failure to provide OCSP Responses for some certificates

0

911

February 2, 2022

2022.01.25 Issue with TLS-ALPN-01 Validation Method

2

37837

February 2, 2022

Log4j vulnerability (CVE-2021-44228)

0

4697

December 11, 2021

2021.10.11 Certificate Mis-Issuance related to Internationalized Domain Names (IDN) formatting

0

1115

October 13, 2021

2021.09.07 Delay updating OCSP responses

2

1145

September 10, 2021

2021.06.09 Non-Revocation of Certificates from Previous Incident (certificate lifetimes)

0

1232

June 10, 2021

2021.06.08 Certificate Lifetime Incident (valid for an extra one second)

0

25969

June 9, 2021

2020.12.22 Failure to audit log subscriber certificate OCSP updates

0

1003

December 23, 2020

2020.09.08 Failure to renew OCSP responses within acceptable timelines

0

980

September 28, 2020

2020.06.08 Delegated OCSP Signer Expiration for Alternate Chains

0

1504

June 12, 2020

2020.02.29 CAA Rechecking Bug

3

138444

March 7, 2020

2019.11.17 Autoincrement maxed out

1

4226

November 23, 2019

2019.08.28 Let’s Encrypt OCSP Responder Returned “Unauthorized” for Some Precertificates

0

1830

August 29, 2019

2019.08.20 Incorrect OCSP responses under certain conditions

0

1366

August 27, 2019

2019.01.03 Donor Email Option Not Respected

0

1402

January 9, 2019

2018.11.30 Production Google CT Log Submission Failures

0

1849

December 18, 2018

2018.08.23 OCSP Responder Incident

0

2411

August 23, 2018

2018.07.30 Domain Resolution Interruption

0

3559

August 2, 2018

2018.05.29 Subscriber Email Address Disclosure

0

1880

May 30, 2018

2018.05.18 CAA tag value case sensitivity incident

0

1856

May 18, 2018

2018.03.12 Wildcard Certificate Encoding Issue

0

5842

March 13, 2018