Certificate Reissue

Scheduled Maintenance Report for Chargify

Completed

This maintenance window is completed.

Posted Jun 05, 2020 - 15:26 CDT

Update

All customer-facing certificates have been replaced. Please reach out if you have any further connectivity issues.

Posted Jun 05, 2020 - 15:24 CDT

In progress

Scheduled maintenance is currently in progress. We will provide updates as necessary.

Posted Jun 01, 2020 - 11:47 CDT

Scheduled

Over the weekend, we have taken steps to remove the offending expired AddTrust External CA Root from our certificate bundles. This has resolved SSL issues with our API for most of our merchants. We are still working to reissue our certificates in a manner that these much older clients can trust.

Some merchants may still experience issues accessing the Chargify API via a client that does not have updated trusted root certificates.

In the meantime, Chargify merchants can fix this for themselves by adding more recent root certificates to their trust stores. Add either one of these to the certificate store used by your client:
https://crt.sh/?id=1199354
https://crt.sh/?id=1720081

Note the “Download Certificate: PEM” link on the above webpages to obtain the certificate.

For example, if you are using curl as your client, you can specify a certificate authority file to use:
curl --cacert /etc/ssl/1199354.crt -u API_KEY:X https://subdomain.chargify.com/subscriptions.json

The above is an example. How to install or use the updated certificate is dependent on your client.
You can learn more here: https://support.sectigo.com/Com_KnowledgeDetailPage?Id=kA03l00000117LT

Posted Jun 01, 2020 - 11:44 CDT

This scheduled maintenance affected: API.

Subscribe to Incident