DigiCert is warning that it will be mass-revoking SSL/TLS certificates due to a bug in how the company verified if a customer owned or operated a domain and requires impacted customers to reissue certificates within 24 hours.
It is unclear how many certificates will be revoked during this process, but the company says it affects approximately 0.4% of the applicable domain validations they have conducted between August 2019 and June 2024.
DigiCert is one of the prominent certificate authorities (CAs) that provides SSL/TLS certificates, including Domain Validated (DV), Organization Validated (OV), and Extended Validation (EV) certificates.
These certificates are used to encrypt communication between a user and a website or application, increasing security against malicious network monitoring and man-in-the-middle attacks.
When issuing a certificate for a domain, a certificate authority must first perform Domain Control Verification (DCV) to confirm that the customer owns the domain.