Let's Encrypt DST Root CA X3 root certificate expiry
Incident Report for PassFort
Resolved
The DST Root CA X3 root certificate, used as one of two root certificates for Let’s Encrypt SSL certificates, including those used by PassFort, expired September 30 14:01:15 2021 UTC. Customers using OpenSSL version before 1.1.0 or who did not have Let’s Encrypt’s new root certificate would have experienced SSL certificate verification errors connecting to the PassFort API since 14:01 UTC. We are in the process of issuing and deploying a replacement certificate through Comodo to mitigate this issue with some customers. Please be aware that this change may cause SSL certificate verification errors if your systems are configured to only expect PassFort to serve SSL certificates issued by Let’s Encrypt.

PassFort will return to serving with SSL certificates issued by Let's Encrypt in 10 days time. Customers who have been impacted should follow the remediation steps specified by Let's Encrypt at https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/ before that time.
Posted Sep 30, 2021 - 18:12 BST
This incident affected: PassFort Environments (🇪🇺 EU - identity.passfort.com).