As you know, certificates are more heavily used and important than ever to protect communication between clients and services.

Well, the Certificate Authority (CA) Browser (https://cabforum.org/) members recently published a report detailing multiple certificates issued by certification authorities (CA) were out the industry standard for publicly trusted CA’s.

You can read the reports here: https://bugzilla.mozilla.org/show_bug.cgi?id=1649951 and https://bugzilla.mozilla.org/show_bug.cgi?id=1650910

As a result, CA vendors have been starting revoking non-compliant CA’s and reissuing new compliant ones.

This means if you certificate(s) have been issued by one the impacted CA’s (aka revoked/being revoked), you will have to request a re-issue certificate for your services.

You can identify if you are impacted by using the Certificate Revocation tracker ( https://misissued.com/#revoked) or the DigiCert update (https://knowledge.digicert.com/alerts/DigiCert-ICA-Replacement).

Self-issued and Bring Your Own Certificate (BYOC) can also be impacted by the revocation process.