Many websites had their HTTPS certificates incorrectly scrapped, meaning that for some people their browsers no longer trust websites and refuse or are reluctant to access them, reported The Register on October 13.
The report, in part, added:
“Specifically, it appears GlobalSign inadvertently triggered the revocation of its intermediary certificates while updating a special cross-certificate. This smashed the chain of trust and ultimately nullified SSL/TLS certificates issued by GlobalSign to its customers … leaving folks unable to easily read their favorite webpages.
“GlobalSign claims the worldwide mass revocation is an “unexpected consequence” of internal changes it made, and that browsers and other software “incorrectly inferred” that certificates had been burned.”
GlobalSign said it could take days for websites’ accidentally axed certs to be corrected.
0 Comments