Root certificate used by OpenVPN SSL client expired
Incident Report for FlyData
Postmortem

Incident Description: Data synchronisation has been halted due to an error “OpenSSL::SSL::SSLError” error=“SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed". Error has been first logged on May 30, 2020 8:30 PM UTC.

Root cause: - One of the root certificates (Sectiago root certificate) used by the OpenVPN ssl client to connect to the data source expired on May 30, 2020.
- This issue was not in anyway related to Flydata's core system/application. For more information, please refer this https://www.agwa.name/blog/post/fixing_the_addtrust_root_expiration

Resolution: The expired certificate has been updated and data synchronisation for all customer has since been resumed.

Next Steps: We have looked into all root certificate expirations and have set a clear action plan of updating/renewing the certificates before the expiry dates to avoid such issues in future.

Posted Jun 12, 2020 - 10:48 UTC

Resolved
One of the root certificates (Sectiago root certificate) used by the OpenVPN ssl client to connect to the data source expired on May 30, 2020. The expired certificate has been updated and data synchronisation for all customer has since been resumed.
Posted May 30, 2020 - 20:30 UTC