![Are Recent Certificate Outages a Sign of the Times? [Encryption Digest 51] - cover graphic](/_next/image/?url=https%3A%2F%2Fcdn.venafi.com%2F994513b8-133f-0003-9fb3-9cbe4b61ffeb%2F6ed86069-bc9c-484d-909f-1c8b160b84dd%2Faid_field_img__32dfc66cd6d52cd3d863bedd468f21d2.jpg%3Fw%3D864%26h%3D370%26fm%3Dwebp%26q%3D75%26fit%3Dcrop&w=3840&q=75&dpl=dpl_3EAuLccmwaq4KZ9GcZftJq5NbwLA){kind=small}
Certificate-based outages rank among the most embarrassing and avoidable website disasters. Simply forgetting to renew an expired certificate will undoubtedly cost your business time, money and, perhaps most tragically, user retention. After all, 79% of online shoppers report they are unlikely to return to a website after a negative experience.
In the last few weeks, tech giants such as Apple and GitHub have fallen prey to security certificate-based outages. Learn all the juicy details of these certificate management mishaps, and how Venafi can help you avoid similar complications on your own website.
An expired SSL certificate takes down GitHub
GitHub, the well-known development platform and code respository, was down for the second time in 2020 with an outage lasting around half an hour. The outage occurred after a certificate related to GitHub’s CDN (content delivery network) was allowed to expire.
Text-based content was able to function thanks to a valid certificate on the main server, but the expired certificate prevented images, CSS stylesheets, JavaScript files, and anything separate from the CDN server from loading. In other words, their meticulously-structured and beautifully-designed layout vanished!
GitHub was able to install a new certificate within an hour, but it wasn’t soon enough to keep millions of users from being frustrated and confused by the blunder. Thanks to the recent reduction of certificate lifespans, GitHub can expect their new SSL certificate to be valid no later than November 2021.
CIO Study: Automation Vital to Address Shorter Lifespans and Massive Growth of TLS/SSL Certificates
Revoked certificate blocks Mac users from their HP devices
Certificate-based blunders seem to be happening more and more lately! Apple users were left unable to use their HP printers after Apple revoked a security certificate for HP’s print drivers.
After a routine update of Apple’s security tools, XProtect and MRT, many Apple users were left unable to use their HP printers. Revoked security certificates have caused macOS versions ranging from El Capitan to Catalina to interpret HP print drivers as malware, and no longer allow them to function.
For the moment, users can use a workaround to generate a self-signed certificate for their HP devices, then uninstall and reinstall the printer to their Mac computer. Apple has clearly stated that it was HP that advised them to revoke the certificates, despite the fact that users were still relying on them, and Apple PKI withdrew the revocation of HP’s certificate at their request.
While it’s still unclear why any of this occurred in the first place, there’s no doubt that this security certificate snafu negatively impacted more than a few loyal Apple users.
How to prevent certificate-based outages once and for all
No website is immune to the perils of an outage. Just this week YouTube succumbed to a worldwide outage, and users were unable to load standard videos or access YouTubeTV for over two hours. A global survey conducted by Venafi confirms that nearly 80% of organizations have suffered at least one certificate-related outage, and the biggest challenge is often finding the expired certificate.
The good news is that these outages are easily avoidable when a reliable and automated system is in place. TLS Protect allows you to track and manage both internal and external certificates. With automatic early warning notifications, certificate-based outages will soon feel like a bad dream.
Get a 30 Day Free Trial of TLS Protect Cloud, Automated Certificate Management.
Related posts