Let’s Encrypt has announced that it will have to revoke many Let’s Encrypt TLS/SSL certificates from March 4. It’s currently in the process of emailing affected subscribers so that they can update their certificates. The need to revoke these certificates comes after a Certificate Authority Authorization rechecking bug was found.
In an email that has gone out to those with affected certificates, Let"s Encrypt says:
“Unfortunately, this means we need to revoke the certificates that were affected by this bug, which includes one or more of your certificates. To avoid disruption, you’ll need to renew and replace your affected certificate(s) by Wednesday, March 4, 2020. We sincerely apologize for the issue.
If you’re not able to renew your certificate by March 4, the date we are required to revoke these certificates, visitors to your site will see security warnings until you do renew the certificate. Your ACME client documentation should explain how to renew.”
If you use Let’s Encrypt certificates, you can use this tool to find out whether you’ll need to update your certificates. If it looks as though you need to update your certificates it’s advised that you read this thread and search the community forums if you have any questions. If you still have a question but don’t see anything appropriate you should head to the “Help” section on the Let’s Encrypt forum and ask the questions in the template as you compose your post.
The certificate revocations will begin from 00:00 UTC on March 4 which is less than 8 hours away. End users don’t have to worry too much about this, however, you may see security warnings on websites that have failed to renew their certificates.