Proxy outage
Incident Report for Blockfrost
Postmortem

On Monday, following an internal billing complication, we were informed that one of our clusters had been reset at 1:25 UTC. After reactivating it, we discovered that the SSL edge certificate supplied by our CDN provider, Cloudflare, was not functioning properly.

We determined that Cloudflare was attempting to renew the certificate from Let's Encrypt, their provider, but the process was stalled in a pending state and not advancing.

Despite several attempts to reset it, we were unsuccessful. We learned that sometimes certificates may expire before being renewed.

To resolve this issue, we purchased a new SSL certificate from DigiCert instead of relying on Let's Encrypt's service. We plan to manage the certificate ourselves moving forward.

The cluster's traffic was restored by approximately 1:45.

Recommendation for customers:

One customer reported not seeing the updated cluster DNS record for several minutes after the service was restored. We believe this may be because their DNS server cached the reply longer than our original TTL (time-to-live) record, which is set to 5 minutes. We strongly advise customers to ensure they are not caching DNS responses for longer than our TTL setting, or to use mainstream DNS name servers.

Posted Apr 18, 2023 - 06:33 UTC
Resolved
This incident has been resolved.
Posted Apr 18, 2023 - 06:06 UTC
Monitoring
It appears our CDN is working again. We are monitoring the situation.
Posted Apr 17, 2023 - 02:13 UTC
Identified
We have identified the issue and are working with Cloudflare to resolve it.
Posted Apr 17, 2023 - 02:05 UTC
Investigating
We are currently seeing an outage with our CDN provider and investigating the issue,
Posted Apr 17, 2023 - 01:39 UTC
This incident affected: API (Cardano mainnet backends, Cardano preview backends, Cardano preprod backends).
Current Status Powered by Atlassian Statuspage