We have a firewall that has started flagging x1.c.lencr.org as a compromised website.
I see Let's Encrypt owns the domain, but not sure what is going on with our firewall?
I assume the traffic to this domain is legit?? Anyone else having any similar issues?
Host: x1.c.lencr.org
Path: /
Categories: Compromised Websites
What firewall and where does your firewall gets its block lists from? Any specific block list triggering the LE domain?
It is a Watchguard firewall. I am not sure where they get their block lists.
We are aware that this domain has been flagged in some systems as compromised and are working to remediate that error.
Let's Encrypt owns the domain and hosts the Root X1 CRL on that domain.
You can read about lencr.org here
You can read a little about why we have a CRL here
Possible false possitive:
VirusTotal
We experienced the same thing and I opened a case with WatchGuard to find out if it's a false positive or no. They said it is indeed, so the domain should now be available again.
They work with Forcepoint.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.