In a recent turn of events, a significant issue related to digital signatures has led to disruptions in various business integrations, causing frustration and concern among affected parties. QuickBooks Desktop integrations have reportedly been failing with an alarming error message: “The certificate was revoked by its certificate authority.” The problem appears to have widespread implications across multiple companies and integrations.
Initial Discovery and Technical Details
The issue came to light on August 22, 2023, when several QuickBooks Desktop integrations experienced failures, citing the error “The certificate was revoked by its certificate authority.” The problem seemed rooted in the explicit revocation of the certificates issued by Symantec Class 3 SHA256 Code Signing CA. Further investigation revealed that the certificate details displayed an authority info access method pointing to servers owned by Symantec and DigiCert.
The revocation status was complicated by an offline revocation server, which led to a lack of proper certificate validation. Users noticed that the root certificate, issued by VeriSign, was also revoked. With these observations in mind, concerned individuals initiated contact with both DigiCert and VeriSign in an attempt to resolve the issue.
Efforts to Resolve the QuickBooks Issue
Initial attempts to resolve the issue led to DigiCert’s assertion that the problem rested within the domain of their “MPKI” team. Subsequent calls and communications were made to various support teams, as individuals sought answers and solutions.
DigiCert’s transition from Symantec prompted individuals to contact Symantec’s new entity, leading to an assurance that the issue was rooted in DigiCert’s jurisdiction. It became apparent that the issue was not a simple oversight, as teams within DigiCert embarked on investigations to understand the core of the problem.
Community Contributions and Workarounds
Amid the ongoing dilemma, community members rallied together to provide potential solutions. A PowerShell script emerged as a workaround to eliminate revoked digital signatures, allowing users to restore functionality to their integrations. The script was shared via GitHub as a means to help those affected by the issue. The solution garnered attention for its simplicity and effectiveness, providing a way to address the problem on an individual basis.
Furthermore, a workaround involving the installation of the .NET Framework 4.0 and the Windows 10 SDK was discovered. Utilizing the signtool.exe utility, users were able to remove revoked digital signatures from executables and DLL files in affected integrations, effectively reinstating their functionality.
Call for Resolution and Community Support
As the issue continues to impact various business operations, affected parties are eagerly awaiting a comprehensive resolution from DigiCert. The incident underscores the critical role that digital signatures play in maintaining the security and functionality of software integrations.
The collaboration and resourcefulness exhibited by the community in devising workarounds are a testament to the resilience of those affected by the issue. While the investigation and resolution efforts are ongoing, the proactive response from individuals and the sharing of solutions offer a glimmer of hope for restoring the seamless operation of critical business integrations.
Please stay tuned for updates as this situation develops further.
Disclaimer: This article is based on information available up to August 24, 2023. For the most current information, please refer to official sources. As of 8/25/2023 users are reporting the issue has been resolved.