Incidents

Topic	Replies	Views	Activity
About the Incidents category	0	3072	January 9, 2016
2025.07.21 Complete API outage	0	274	September 2, 2025
2025.06.09 Deployed Unreviewed Boulder Code	0	162	June 18, 2025
2025.03.18 Early CRL Removal	1	369	March 25, 2025
2025.03.21Failure to Document Analysis of Detected Vulnerabilities	0	170	March 21, 2025
2024.09.27 No Meaningful Subject Distinguished Name	3	669	October 4, 2024
2024.03.28 CP/CPS Deviation Regarding keyCompromise Key Blocking	0	369	March 28, 2024
2023.06.15 Certificate Policies Extension Mismatch	4	2413	June 20, 2023
2022.11.08 End Entity CRLs Not Reissued On Time	0	591	November 16, 2022
API traffic from Plesk is blocked	1	1098	April 28, 2022
2022.01.29 Failure to provide OCSP Responses for some certificates	0	915	February 2, 2022
2022.01.25 Issue with TLS-ALPN-01 Validation Method	2	37845	February 2, 2022
Log4j vulnerability (CVE-2021-44228)	0	4705	December 11, 2021
2021.10.11 Certificate Mis-Issuance related to Internationalized Domain Names (IDN) formatting	0	1115	October 13, 2021
2021.09.07 Delay updating OCSP responses	2	1152	September 10, 2021
2021.06.09 Non-Revocation of Certificates from Previous Incident (certificate lifetimes)	0	1236	June 10, 2021
2021.06.08 Certificate Lifetime Incident (valid for an extra one second)	0	25976	June 9, 2021
2020.12.22 Failure to audit log subscriber certificate OCSP updates	0	1005	December 23, 2020
2020.09.08 Failure to renew OCSP responses within acceptable timelines	0	981	September 28, 2020
2020.06.08 Delegated OCSP Signer Expiration for Alternate Chains	0	1506	June 12, 2020
2020.02.29 CAA Rechecking Bug	3	138479	March 7, 2020
2019.11.17 Autoincrement maxed out	1	4226	November 23, 2019
2019.08.28 Let’s Encrypt OCSP Responder Returned “Unauthorized” for Some Precertificates	0	1832	August 29, 2019
2019.08.20 Incorrect OCSP responses under certain conditions	0	1366	August 27, 2019
2019.01.03 Donor Email Option Not Respected	0	1403	January 9, 2019
2018.11.30 Production Google CT Log Submission Failures	0	1850	December 18, 2018
2018.08.23 OCSP Responder Incident	0	2412	August 23, 2018
2018.07.30 Domain Resolution Interruption	0	3560	August 2, 2018
2018.05.29 Subscriber Email Address Disclosure	0	1882	May 30, 2018
2018.05.18 CAA tag value case sensitivity incident	0	1859	May 18, 2018

About the Incidents category

0

3072

January 9, 2016

2025.07.21 Complete API outage

0

274

September 2, 2025

2025.06.09 Deployed Unreviewed Boulder Code

0

162

June 18, 2025

2025.03.18 Early CRL Removal

1

369

March 25, 2025

2025.03.21Failure to Document Analysis of Detected Vulnerabilities

0

170

March 21, 2025

2024.09.27 No Meaningful Subject Distinguished Name

3

669

October 4, 2024

2024.03.28 CP/CPS Deviation Regarding keyCompromise Key Blocking

0

369

March 28, 2024

2023.06.15 Certificate Policies Extension Mismatch

4

2413

June 20, 2023

2022.11.08 End Entity CRLs Not Reissued On Time

0

591

November 16, 2022

API traffic from Plesk is blocked

1

1098

April 28, 2022

2022.01.29 Failure to provide OCSP Responses for some certificates

0

915

February 2, 2022

2022.01.25 Issue with TLS-ALPN-01 Validation Method

2

37845

February 2, 2022

Log4j vulnerability (CVE-2021-44228)

0

4705

December 11, 2021

2021.10.11 Certificate Mis-Issuance related to Internationalized Domain Names (IDN) formatting

0

1115

October 13, 2021

2021.09.07 Delay updating OCSP responses

2

1152

September 10, 2021

2021.06.09 Non-Revocation of Certificates from Previous Incident (certificate lifetimes)

0

1236

June 10, 2021

2021.06.08 Certificate Lifetime Incident (valid for an extra one second)

0

25976

June 9, 2021

2020.12.22 Failure to audit log subscriber certificate OCSP updates

0

1005

December 23, 2020

2020.09.08 Failure to renew OCSP responses within acceptable timelines

0

981

September 28, 2020

2020.06.08 Delegated OCSP Signer Expiration for Alternate Chains

0

1506

June 12, 2020

2020.02.29 CAA Rechecking Bug

3

138479

March 7, 2020

2019.11.17 Autoincrement maxed out

1

4226

November 23, 2019

2019.08.28 Let’s Encrypt OCSP Responder Returned “Unauthorized” for Some Precertificates

0

1832

August 29, 2019

2019.08.20 Incorrect OCSP responses under certain conditions

0

1366

August 27, 2019

2019.01.03 Donor Email Option Not Respected

0

1403

January 9, 2019

2018.11.30 Production Google CT Log Submission Failures

0

1850

December 18, 2018

2018.08.23 OCSP Responder Incident

0

2412

August 23, 2018

2018.07.30 Domain Resolution Interruption

0

3560

August 2, 2018

2018.05.29 Subscriber Email Address Disclosure

0

1882

May 30, 2018

2018.05.18 CAA tag value case sensitivity incident

0

1859

May 18, 2018