Search Information Security site

 

Main menu

Legacy SSL Root Certificate Expiration on Saturday Morning May 30

You may already be aware that a major SSL root certificate will expire this Saturday, May 30, 2020, between 6:00 - 7:00 AM Eastern time.  

This notice is to raise awareness that a root certificate expiration can have negative impact, and if you are a server administrator, you may need to act if the server certificate stores are not up to date. 

Most systems will handle this without impact if the root certificate store of the server has been updated in the last two years, but legacy systems, embedded systems, and some Linux systems may have issues.  The SSL root certificate expiration affects SSL connections and can specifically affect SSL LDAP connections and cause them to fail.

ITS has been proactively working on this issue as a Priority 1 incident to assess, test, and fix any affected ITS core systems. If you experience issues with any ITS services, please contact the UVA Help Desk at http://in.virginia.edu/helpdesk or use the LSP Portal (LSP Enhanced Support) to create a case. 

The following resources describe the expiration, potential impacts, and solutions in more detail: 

https://www.cmu.edu/iso/service/cert-auth/addtrust.html 

https://sectigo.com/resource-library/sectigos-addtrust-root-is-soon-to-expire-what-you-need-to-know 

https://thesslonline.com/blog/sectigo-addtrust-external-ca-root-expiring-may-30-2020 

Report an Information
Security Incident

Please report any level of incident, no matter how small. The Information
Security office will evaluate the report and provide a full investigation if appropriate.

Complete Report Form