Some PIV and CAC users experiencing issues authenticating

Incident Report for Login.gov

Resolved

In order to help some users experiencing issues with the expired Let's Encrypt CA X3 certificate we have updated our SSL certificate for the PIV/CAC service to use an alternate SSL trust chain.

This may help some users until their operating system and web browser patches are installed.

We are closing this incident and will continue to monitor PIV and CAC usage.

Posted Sep 30, 2021 - 17:52 EDT

Update

More information can be found from Let's Encrypt here - https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/

Posted Sep 30, 2021 - 12:01 EDT

Monitoring

Let's Encrypt's CA X3 certificate expired today. Some users are reporting issues authenticating using PIV or CAC cards at this time.

Users experiencing issues should use another MFA method if available. They are also urged to install any pending OS and browser updates as soon as possible.

Posted Sep 30, 2021 - 11:58 EDT

This incident affected: Login (secure.login.gov).