We have been made aware of the CAA re–checking bug, first reported on 29th February 2020 which impacted Let's Encrypt SSL and TLS certificates, which many of our clients use in order to provide secure connections to and from their websites. Only 2.6% of the certificates Let's Encrypt has issued since 1st November 2019 were effected, and usually only in cases where certificates are re–issued regularly. The bug itself results from duplicate certificates being issued to websites.
As of 4th March 2020 it will be necessary for Let's Encrypt to revoke certificates that have been issued in duplicate and the result is that web browsers will begin to alert users that sites which have been effected do not have a current security certificate. In addition, any services which require a secure connection (such as API access or credit card payment submissions) would fail.
In order to avoid our client's end–users receiving these notices and ensure continued access to services which require secure connections, we have renewed all SSL and TLS certificates for all sites which we manage directly. Clients and end–users will not notice these renewals, and we will continue to monitor the situation in order to ensure that this does not occur again, and take any action necessary to ensure that our clients are not impacted.
Clients who subscribe to VPS, Hosted or Dedicated web services, should renew all Let's Encrypt SSL and TLS certificates in order to avoid any disruption in service.