Typesense - Notice history

We're now going to be working with our SSL cert provider to identify how to best roll out this new Root CA without affecting older runtimes. This issue only affected: 1) Clusters that were provisioned during the duration of this incident 2) Clusters whose configuration (RAM, CPU, Typesense Version, etc) was changed during the duration of this incident. Existing clusters that were already running prior to the duration of this incident were unaffected.

As the volume of reports started increasing, to prevent more users on older OS / runtimes from running into this issue, we decided to roll back to the previous SSL certificate temporarily. We've also canceled the scheduled roll out of this new SSL certificate to existing clusters. If you're running into SSL cert issues, and if you provisioned a cluster or made config changes during the time frame of this incident, you want to do a [rolling restart](https://cloud-help-center.typesense.org/article/33-restart-typesense-cloud-cluster) to refresh your SSL certificate. Alternatively, the certs will also be automatically rolled back in the next few hours. We're now going to be working with our SSL cert provider to identify how to best roll out this new Root CA without affecting older runtimes. This issue only affected: 1) Clusters that were provisioned during the duration of this incident 2) Clusters whose configuration (RAM, CPU, Typesense Version, etc) was changed during the duration of this incident. Existing clusters that were already running prior to the duration of this incident were unaffected.

We started getting sporadic reports of a few users running into SSL certificate issues when connecting to their Typesense Cloud clusters. On closer investigation, we found that they were trying to connect to Typesense from older operating systems or older runtimes that bundle their own root CAs (like Node.js), which hadn't updated their Root CA store recently. Updating their OS / runtime CA certificates, to the latest version fixed the issue for them. Our SSL provider started using a new Root CA certificate to sign our certificate this year, and this new root CA certificate wasn't available on older runtimes. So manually updating the root CA store on users' computers fixed the issue, so that the SSL cert presented by Typesense Cloud was able to be validated successfully.