Thousands upon thousands of affected Oculus Rifts was the last thing Oculus VR—a division of Facebook Inc. and developer of the Oculus Rift—wanted to wake up to. But after letting just one SSL certificate expire, this was their reality.
On March 7th, users of the Oculus Rift headset around the world found that their devices had stopped working all of a sudden. For many of them, it wasn’t until they came across a heated discussion on Reddit that they learned there wasn’t anything wrong with their hardware; the issue was that the company had failed to renew an SSL certificate in its Rift app. This caused the virtual reality software needed to run the headset to throw a security error message when users attempted to log in.
Oculus later released a patch containing the renewed version of the certificate to fix the issue, but the damage had already been done. Not only did they have to deal with frustrated customers facing 48 hours of lockout, but they also ended up giving away a $15 credit to each customer in an attempt to compensate them for the inconvenience.
Oculus doesn’t stand alone in certificate expiration oversight
This isn’t the first time an organization has faced setbacks because of expired SSL certificates. According to a Ponemon report, the average Global 5000 company spends $15 million to recover from the loss of business resulting from a certificate outage, and faces another $25 million in potential fines from compliance.
For organizations housing a large number of web applications, manually tracking all the SSL certificates within their network can be a daunting task. Companies need a strategy to completely automate their certificate management process so they can steer clear from the risks of certificate expiration and outages.
Key Manager Plus provides complete visibility and control over your SSL environment
If you’re looking to automate the management of SSL certificates and their life cycles, try out Key Manager Plus, our web-based SSH key and SSL certificate management solution. Key Manager Plus helps you centrally acquire, consolidate, deploy, track, renew, and audit the entire life cycle of SSH keys and SSL certificates. It provides complete visibility into your SSL environment and automates all SSL certificate management-related operations.
Here’s a quick summary of what you can do with Key Manager Plus:
- Discover all SSL certificates within your network.
- Consolidate SSL certificates in a secure, centralized inventory.
- Continuously track SSL certificate usage.
- Receive alerts on upcoming expiration well in advance.
- Audit all Key Manager Plus user activity.
Click here to try your Key Manager Plus for yourself. If you have any questions, feel free to write to us at keymanagerplus-support@manageengine.com.
