Incident Report: Firefox & Internet Explorer Report Revoked Certificate – April 11, 2014

On April 7, as part of our efforts to resolve the Heartbleed issue for, we ordered and released new SSL certs to ensure secure communication between you and
After those new certs were fully deployed and accepted, we requested that our SSL certificate provider revoke the old certificates as part of the best practices steps suggested when resolving Heartbleed.
Unfortunately, by mistake our SSL certificate provider revoked *all* of our certificates for, including the new ones we had just issued. As a result, we’ve had to scramble to deploy a third set of certificates that should now be live.
For a time between 9:30 ET and 10:15 ET (2014-04-11), you may have seen a message like “Certificate Invalid or Revoked” when trying to login to your FormAssembly account when using Firefox or Internet Explorer. Most likely you would not have been able to proceed past that warning.
Form processing was not affected for the vast majority of users during that time (as we rely on separate domains for form processing).
At this time the issue should be resolved. There should be no special action required on your part, and you should be able to access without issue on any browser. If this is not the case, please contact us immediately at [email protected].
We apologize for any inconvenience this may have caused.
The FormAssembly Infrastructure Team
FYI – For those curious or wishing to confirm, the correct certificates for should have a validity date from 2014-04-10 to 2015-09-29.

Don’t just collect data — leverage it.