A fix has been implemented and we are monitoring the results.
Posted 5 years ago. May 30, 2020 - 18:22 UTC
Identified
The TLS certificate we are using is based upon a cross-signed root certificate issued by Comodo. One of the trust pathways expired at around 7:00AM Eastern Time today. The expired trust pathway has been mitigated in modern and updated software systems including web browsers and operating systems. A handful of clients using older (often unmaintained or unsupported) operating systems and versions including RedHat Linux 4.x or old versions of libcurl and OpenSSL) have been experiencing connectivity issues because updates to root certificates were not available on these older systems.
As a mitigating effort, we identified a third possible trust pathway that many of these older clients might be able to utilize with our cross-signed certificate and we added the appropriate intermediate certificates in the chain in order to allow that alternate pathway to be utilized so long as the additional certificate authority (AAA Certificate Services, expiration 2028) is trusted by the system.
A preliminary analysis appears to show that this is affecting systems which are using an older "root certificate". We are researching the best way to help users mitigate the issue.
We are investigating reports of users receiving TLS certificate validity errors.
Posted 5 years ago. May 30, 2020 - 16:35 UTC
This incident affected: International Street [Address] API (US East 1, US West 1, US Central 1), US Street [Address] API (US East 1, US West 1, US Central 1), US Extract API (US East 1, US West 1, US Central 1), and US ZIP Code API (US East 1, US West 1, US Central 1).