For a service that cannot be compared
call Sarah today

Let’s Encrypt CAA security error – does your SSL need renewing?

Let’s Encrypt has recently found a bug in their code for checking and allowing security certificates (SSL) for websites.

Originally they were just going to withdraw the 3 million SSL’s effected! Which would have meant potentially 3 million websites would have failed SSL checks and would have been flagged as “this site is unsecure”, luckily however they realised that this was probably not the wisest decision and have decided to allow those to stand until renewal is due – Lets Encrypt renews every 90 days.

Handily they have supplied us with a tool to check which sites are effected – so if you have a website – click onto and type in your domain name (don’t include the https) part – you will either get a message that says

The certificate currently available on is OK. It is not one of the certificates affected by the Let's Encrypt CAA rechecking problem. Its serial number is 123456789123456789123456789123456789

Meaning you don’t have to do anything – or you will see

The certificate currently available on needs renewal because it is affected by the Let's Encrypt CAA rechecking problem. Its serial number is 123456789123456789123456789123456789. See your ACME client documentation for instructions on how to renew a certificate.

If you get the second message then speak to your hosting provider as soon as you can and ask them to reissue the SSL. If you have a problem with that – or are not sure who to call – drop me an email and I will see what I can do to help!


As a serial entrepreneur it is wonderful to have people in your team that you can rely on to get new ventures off the ground. Sarah’s ability to interpret my (often ill defined) ideas and design websites and other collateral is invaluable. I shall continue to work with her, and appreciate her feedback, for some time to come.

Caroline Billington –