My domain is: *.forensiq.com
I’m not sure what happened, but it looks like on August 12th the *.forensiq.com certificate was revoked. Our monitoring didn’t pick it up, and it wasn’t until someone was testing something in a browser that we realized the cert was revoked.
Can anyone provide any insights as to why the certificate was revoked? I was able to regenerate one today, and it is currently working without any issues.
Revoked 2019-08-06 16:10:34 UTC
Reason? I don't know. The domain isn't listet (SDN list - Specially Designated Nationals And Blocked Persons List (SDN) Human Readable Lists | U.S. Department of the Treasury ).
Are there other reasons a certificate could be revoked, besides being on that list?
The account or the private key of the certificate is stolen / public etc.
And every account owner is able to revoke the own certificate.
According to the public revocation record, it appears letsencrypt holds the state of the record. Would it be possible to learn the reason code to help narrow down the root cause? Thanks.
We publish OCSP responses which include the Reason Code. @amerenda, you can use your certificate to query OCSP and retrieve the Reason.
Please keep two things in mind:
- OCSP reason codes are fairly generic, it may not be very illuminating
- Revocation of certificates can be performed by any party whom can demonstrate control of all the domain names in a given certificate (Revoking certificates - Let's Encrypt)
On the same day that
*.forensiq.com was revoked, someone issued new certificates for
clients.forensiq.com which had expired two days earlier.
Perhaps there is another individual or team within your organization who is dealing with the various certificates?
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.