Throughout May we’ve been migrating our domain’s security certificates. We’ve transitioned from certificates issued by GlobalSign to ones issued by Let’s Encrypt instead.
What Is A Security Certificate?
In essence, a security certificate is what allows you to connect to a website over a secure https connection (instead of traditional, insecure, http). A valid and strong security certificate is what ensures that the connection and traffic between your web browser and the website/service you’re using is encrypted.
What Is A Certificate Authority?
Put simply, a “Certificate Authority” (or CA for short) is an organization responsible for issuing and revoking security certificates. Popular CA’s include Comodo, Symantec, GoDaddy, and GlobalSign to name but a few.
Which Domains Are Affected?
All mid.as domains and *.mid.as sub domains (including our cloud-hosted customer’s domains).
Why Is This Happening?
Our security certificates were due for renewal in June. As part of our continuous commitment to provide visitors to our site and customers alike with the best possible experience, we took the opportunity to review who provides our security certificates. Let’s Encrypt provide HTTPS certificates to over 70 million domains. Switching to certificates issued by Let’s Encrypt allows us to simplify and automate the management of security certificates across our expanding MIDAS network.
Will I Notice Anything Different?
In short, no!
In order to migrate our CA from GlobalSign to Let’s Encrypt, we needed to remove the previous GlobalSign (AlphaSSL) certificate from each *.mid.as domain and install a new Let’s Encrypt certificate in its place. We have being doing this in a phased transition for all *.mid.as domains during the course of May. We’re pleased to report that this transition to Let’s Encrypt is now fully completed.
Here’s how the old and new certificate issuers now look for our *.mid.as domains:
We’d also like to reassure hosted customers that no domains, URLs, or IP addresses have changed as a result of this CA migration.
If you experience any issues or have any concerns, please don’t hesitate to reach out to us and we’ll be happy to help!
A note for cloud-hosted API users
Whilst unlikely, you may initially receive a certificate warning/error when making API calls. This will depend upon your code and development platform/language. Now that the security certificate for your dedicated *.mid.as sub domain has changed, it may temporarily prevent your code/app from working until you accept the new security certificate.
Also, in some rare cases, you may not be able to access the API if your platform/device is listed as incompatible in Let’s Encrypt’s certificate compatibility list.
Finally, please be aware that Let’s Encrypt issues auto-renewing certificates which are valid for fixed periods of 90 days.