Skip to main content
banner image
venafi logo

GoDaddy Will Revoke Buggy SSL Certificates Tonight. Are You Ready?

GoDaddy Will Revoke Buggy SSL Certificates Tonight. Are You Ready?

GoDaddy Fixes SSL Bug
January 11, 2017 | Scott Carter

Today GoDaddy announced an SSL bug in its certificate validation process. To remedy the problem, the certificate authority will revoke and reissue the faulty certificates. But if an impacted organization is not prepared to act quickly to reinstall and revalidate these new certificates, visitors to their websites may be exposed to error messages or browser warnings. And if they are attempting to replace certificates manually, it could consume valuable staff hours that many organizations cannot spare. 

In a blog post, GoDaddy outlined the certificate impact as follows:

“On Friday, Jan. 6, we learned about a bug that impacted our SSL certification validation process. The bug was introduced on July 29, 2016, and impacted less than 2 percent of the certificates issued from July 29, 2016, to Jan. 10, 2017. It affected approximately 6,100 customers. The software bug that created the issue has been remedied. We continue to closely monitor the system. We will revoke these certificates at 9 p.m. (PST) Jan. 10, 2017. We are actively working with our customers to reissue their SSL certificates.”

GoDaddy’s proactive stance is admirable. But this incident still raises questions about how completely you can trust your CA. Venafi VP of security strategy, Kevin Bocek clarifies the challenge, “As the use of cloud, mobile, and IoT devices drives an explosion in demand for digital certificates businesses need to be prepared to respond to an increase in errors and security compromises from certificate authorities.”

Since human error is inevitable given the vast numbers of certificates that we now require, how quickly are you prepared to react when the SSL flaws do surface? Tim Bedard, director of digital trust analytics for Venafi warns that organizations often don’t have the visibility they need to solve problems like this. As a result, they cannot respond in a timely fashion.

According to Bedard, “Quite often, organizations can’t revoke and replace faulty certificates quickly. In fact, most organizations replace certificates manually, one at a time – a process that is insecure, lengthy and resource intensive. Security issues like this negatively impact any business with an online presence, and the weaker their cryptographic risk posture is, the greater the negative impact.”

The better you are equipped to manage and control your own certificates, the less you will have to rely on the infallibility of any certificates authority. Bocek sums it up the importance of active certificate management, “This is a clearly a wakeup call for businesses. Trust in digital certificates enables the global economy and impacts every Internet user, business, and government, but businesses rely on manual methods to manage them. To protect your business, you must know the location of every certificates in use and be able to replace any of them instantly.”

Does your organization have what it takes to quickly replace vulnerable certificates? 

Like this blog? We think you will love this.
wildcard certificates
Featured Blog

Wildcard Certificates Make Encryption Easier, But Less Secure

Read More
Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

Subscribe Now

See Popular Tags

You might also like

TLS Machine Identity Management for Dummies

TLS Machine Identity Management for Dummies

Certificate-Related Outages Continue to Plague Organizations
White Paper

CIO Study: Certificate-Related Outages Continue to Plague Organizations

About the author

Scott Carter
Scott Carter

Scott is Senior Manager for Content Marketing at Venafi. With over 20 years in cybersecurity marketing, his expertise leads him to help large organizations understand the risk to machine identities and why they should protect them

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more