GoDaddy hands out SSL certificates like candy

      Comments Off on GoDaddy hands out SSL certificates like candy

GoDaddy hands out SSL certificates like candyDue to a software glitch, web host and internet domain registrar GoDaddy recently issued thousands of SSL certificates (which ensure secure communications between a website and an internet browser) without proper domain validation.

All certificates have been withdrawn in order to prevent hackers from exploiting potentially serious security vulnerability. The problem, which was reported to GoDaddy by a Microsoft customer, arose on January 3rd, but due to the holiday season it was not fixed until a few days later.

GoDaddy has stated that it is not aware of any malicious attempts to exploit the security vulnerability, but is carrying out a full post mortem and introducing automated tests designed to detect this type of scenario in future.

Read more at http://www.ibtimes.co.uk/godaddy-forced-revoke-8850-ssl-certificates-prevent-serious-security-flaw-being-exploited-1600711

Share