Cyber security news for all


    Expired root certificate from Sectigo leads to errors in many cases

    The AddTrust External Root certificate expired last Saturday. This was planned, but due to an incorrect implementation, some clients continue to try to build a certificate chain for the expired root certificate, fail and then report an incorrect certificate.

    Actually, the expiry of the certificate should not be a problem. Sectigo owns and uses newer root certificates that are still valid. Modern clients trust these root certificates and automatically use certificate chains that use these newer root certificates. All common browsers behave this way and are therefore not affected by the problem.

    The problem arises from an intermediate certificate that servers send especially for older clients. Very old clients who did not trust the newer root certificates from Sectigo could use the intermediate certificate to create a certificate chain for the root certificate. The intermediate certificate, like the affected root certificate has now expired, which should only affect the very old clients described.However, more modern clients who trust the newer root certificates should find that they can construct a valid certificate chain even without this intermediate certificate – just by using the newer root certificates.

    Older Versions Of The OpenSSL Libraries Are Apparently Affected

    Programs that use these libraries try to build a chain over the expired intermediate certificate even if this is not really necessary because they trust the newer roots of Sectigo. But because the intermediate certificate has now expired, these clients fail and report a certificate error, which in the worst case does not even show which certificate has expired.

    Users affected by the problem can try to remove the AddTrust External Root from the certificates that their system trusts. At least some systems can handle an unknown certificate better than an expired one and then switch to certificate chains to the newer root certificates. With appropriate updates from the client, AddTrust External Root should also automatically disappear from systems sooner or later.

    Recent Articles

    Maze leaks data on its own platform

    The Maze ransomware has been up to almost a year and a half. This week, security experts warned about the actions of the cyber...

    Emotet to spread the malware behind email archives

    If you find an attached pack to an email these days, you should be particularly careful: the highly developed malware Emotet could be lurking...

    500,000 Activision accounts have been leaked

    Activision has taken a position on the alleged leak. According to the publisher, there has never been a data leak. In some cases it is...

    Judge issues injunction against WeChat

    The US government wanted to take action against the app WeChat. A judge stood sideways. The app should disappear from the platforms in the...

    Mail provider Tutanota becomes target of cyber attacks

    Over the weekend, ongoing DDoS attacks and an infrastructure problem resulted in downtime for hundreds of users. While some were able to mitigate most...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox