Plasma Cloud SSL/TLS cloud certificate expiring on January 14th, 2021
Plasma Cloud is a cloud company concerned with providing a secure service, and thus authenticates and encrypts all its services with SSL/TLS certificates. For this, it relies on a well-established SSL/TLS certificate provider, Let’s Encrypt. As some of you may already know, Let’s Encrypt is updating its certificate authority (CA) in 2021. This update affects both client devices, such as old smartphones and notebooks with old operating systems that haven’t been updated in a while, as well as Plasma Cloud on many levels.
The team behind Plasma Cloud has been busy behind the scenes to prepare for a smooth transition to ensure minimal disruption to our services. However, in some cases, manual intervention from users is required to ensure Plasma Cloud devices can continue connecting to the cloud from January 14th, 2021 onward. To learn whether a direct action is required from you, please read this document carefully.
Which Plasma Cloud devices are affected?
Starting with the good news, all devices running firmware version 3.4.17 or newer are already using the new certificate and are thus not affected. In this article we underline the importance of keeping your devices up-to-date as any device running on outdated software may become incompatible or a potential security risk over time.
For all those devices running firmware version 3.4.16 or older, such as unboxed devices waiting to be installed for the first time, a direct action is required. Please note that if these Plasma Cloud devices are deployed after January 14th, they will still connect to the Internet and their LEDs will show the “online” status as usual. However, they won’t be able to report statistics and retrieve configurations from Plasma Cloud.
What to do?
Basically, you need to make sure your Plasma Cloud devices successfully upgrade to firmware version 3.4.17 or newer. To do this, you have two options:
- Before January 14th, you can simply add these devices to a Plasma Cloud network in the console; bring them online, and wait for the upgrade to happen. To speed it up, you can clear the maintenance window from every slot (thus allowing the cloud to trigger an upgrade as soon as the device goes online), or force the upgrade manually on the Plasma Cloud console.
- From January 14th onward, you will have to manually re-flash devices with firmware version 3.4.17 or newer before bringing them online. Please note that Access Point and Switch re-flashes require different procedures. Check out this article to re-flash your APs, and this article to re-flash your Switches.
Will there be more changes in the future?
Security technology at Let’s Encrypt is constantly evolving and Plasma Cloud is taking necessary steps to stay up-to-date. Most changes and improvements are happening behind the scenes and don’t require user intervention. Currently, the next major Let’s Encrypt certificate authority update is scheduled for 2035.
How are Plasma Cloud services affected?
Third party devices all around the world connect to our website, support system, console, etc. securely via SSL/TLS. Smartphones and notebooks that haven’t been updated with the latest Let’s Encrypt certificates are equally affected by the Let’s Encrypt CA update. In this case, you may try updating your browser which provides SSL/TLS certificates. The problem is especially severe for any pre-2017 smartphones and notebooks for which the vendor does not provide updates. In case of issues with these devices, you may directly contact your vendor for more information.