How an expired SSL cert took down our checkout for six hours (and what I should have had watching)
An expired SSL certificate caused a six-hour disruption in the checkout process of a website. The monitoring system failed to detect the issue because it did not validate the SSL certificate, leading to a false sense of security. The author outlines the importance of proper SSL monitoring and the lessons learned from the incident.
- ▪The SSL certificate expired 87 minutes before users began experiencing errors.
- ▪The monitoring system only checked for HTTP response codes and did not validate the SSL certificate.
- ▪A DNS validation error during the renewal process contributed to the certificate expiration.
Opening excerpt (first ~120 words) tap to expand
try { if(localStorage) { let currentUser = localStorage.getItem('current_user'); if (currentUser) { currentUser = JSON.parse(currentUser); if (currentUser.id === 3943096) { document.getElementById('article-show-container').classList.add('current-user-is-article-author'); } } } } catch (e) { console.error(e); } SamReid Posted on May 22 • Originally published at grabdiff.com How an expired SSL cert took down our checkout for six hours (and what I should have had watching) #devops #webdev #security #monitoring The site was "up." The monitor said so. HTTP 200, response times normal, no alerts. What the monitor didn't know - what I didn't know - was that our SSL certificate had expired 87 minutes earlier and every user hitting the site was getting a certificate error in their browser.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at DEV.to (Top).
Discussion
0 commentsMore from DEV.to (Top)
