The new certificate has resolved the issue for outdated clients.
Posted Oct 01, 2021 - 10:09 AEST
Monitoring
An alternate SSL certificate has been put in place for api.sc2.sendle.com.
We are seeing successful requests from integrations which were unable to verify the previous certificate.
We are monitoring for issues with this new certificate.
Posted Oct 01, 2021 - 09:43 AEST
Identified
Our Investigation suggests the root cause of the issue is Let's Encrypt's recent root certificate expiry on the 30th of September. Although all SSL certificates used by Sendle have been regenerated and are valid, some outdated client libraries may not work correctly with the new certificate chain in use by Let's Encrypt.
For clients which have not been updated, this issue will prevent Label PDF requests to api.sc2.sendle.com. Calls to api.sendle.com will continue to work. This is because these services use separate SSL certificates.
Clients should review their libraries and ensure all SSL and HTTP client libraries are up to date. System root CA certificate packs may also need to be updated to the latest available for your OS.
In the interim, we are investigating issuing a new certificate to replace the affected Let's Encrypt one.