ZDNet

Let's Encrypt disables TLS-SNI-01 validation

Let's Encrypt has disabled TLS-SNI-01 validation after the discovery of an attack able to hijack certificates using the protocol. The certificate authority, which offers free SSL and TLS certificates ...
Threat Post

Let’s Encrypt to Revoke Millions of TLS Certs

On Wednesday millions of Transport Layer Security certificates will be revoked because of a Certificate Authority Authorization bug. Popular free certificate authority Let’s Encrypt said it will ...
GIGAZINE

Let's Encrypt details changes to certificate issuance, including new certificate chains, removal of Client Authentication EKU, and shorter certificate validity periods.

Let's Encrypt has announced details of its overall policy regarding certificates issued going forward, including 'certificate chain renewal,' 'removal of TLS client authentication EKU (Enhanced Key ...
GIGAZINE

Let's Encrypt announces the introduction of 'short-term certificates,' improving security and enabling issuance by IP address

The Internet Security Research Group (ISRG), which operates Let's Encrypt, announced in its 2024 annual report that it would be able to issue certificates with a validity period of six days in 2025.