← Internet Security Research Group cases
Bugzilla #1799755 Certificate Problem Report

Let's Encrypt: End Entity CRLs Not Reissued On Time

RESOLVED FIXED Internet Security Research Group
AI Summary

Let's Encrypt experienced a failure to update its Certificate Revocation Lists (CRLs) for approximately 11 days, from October 27 to November 8, 2022. This issue was reported by third parties and was due to configuration errors that prevented the CRL Updater from functioning correctly. During this period, 96,354 revoked certificates were not reflected in the CRLs, although up-to-date revocation status was available via OCSP. The issue was resolved on November 8, 2022, and all remediation items were completed by December 7, 2022.

Model: gpt-4o-mini Generated: 2026-06-13 21:17 UTC Confidence: 1.00
Chronology
  1. Last CRL update published.
  2. CRL updates resumed.
  3. All remediation items completed.
Participants
J.C. Jones [:jcj] Sam Harrington Ryan Dickson Preston
External References
Original Bugzilla Case bugzilla.mozilla.org
Similar Local Cases
#1742704 RESOLVED Certificate Problem Report Opened 2021-11-23 · Closed 2024-05-09 · 58% similar
Let's Encrypt: Potential Denial of Service against websites with broad private key reuse
AI Summary CA Owner
#1886876 RESOLVED Certificate Problem Report Opened 2024-03-21 · Closed 2024-04-17 · 57% similar
Let's Encrypt: keyCompromise key blocking deviation from CP/CPS
AI Summary CA Owner
#1645276 RESOLVED Certificate Problem Report Opened 2020-06-12 · Closed 2023-02-22 · 52% similar
Let's Encrypt: Expired ISRG Root OCSP X1 Certificate
AI Summary CA Owner
#1666047 RESOLVED Certificate Problem Report Opened 2020-09-18 · Closed 2023-02-22 · 51% similar
Let's Encrypt: 302 total OCSP responses available beyond acceptable timelines
AI Summary CA Owner
#1793114 RESOLVED Certificate Problem Report Opened 2022-09-30 · Closed 2023-02-22 · 51% similar
Let's Encrypt: Incomplete and Inconsistent CRLs
AI Summary CA Owner
#2044788 ASSIGNED Certificate Problem Report Opened 2026-06-03 Still Open · 50% similar
Let's Encrypt: CRLs Temporarily Missing Revoked Serials
AI Summary CA Owner
#1391867 RESOLVED Certificate Problem Report Opened 2017-08-19 · Closed 2023-02-22 · 50% similar
Let's Encrypt: Non-BR-Compliant Certificate Issuance
AI Summary CA Owner
#1625322 RESOLVED Certificate Problem Report Opened 2020-03-26 · Closed 2023-02-22 · 50% similar
Let's Encrypt: Failure to revoke key-compromised certificates within 24 hours
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action