First and foremost, myself and our engineering team are sincerely sorry for preventing your teams from accessing chat on Thursday, November 8th. We understand you rely on Olark to communicate with your customers and that you put your trust in us to provide a stable service. We didn’t meet our end of that on the 8th and we hope to rebuild that trust.
Our team takes any outage very seriously. After any outage we perform a detailed postmortem to understand what went wrong, what we can learn, and most importantly, what can we do to ensure it doesn’t happen again.
On Thursday, November 8th at 4:00 AM PST the SSL certificate being served on chat.olark.com expired. This certificate was valid and owned by Olark, but had not been included in our most recent update; all other systems were serving our new SSL certificate. Unfortunately, our routine SSL certificate update process required human intervention for verification, and as a result of human error we failed to update the certificate on the chat.olark.com domain.
The expired certificate caused browsers to display an insecure site error and prevented agents from logging in to chat. The issue was resolved at 8:07 AM PST.
The expired certificate did not affect the security of your data or website in any way.
October 22, 2018
November 8, 2018
Fixing this problem took longer than is acceptable. Our incident response team lacked critical information. The engineers who had the specific knowledge necessary to isolate the issue were out of the office, so identifying the source of the problem took longer than it should have.
We are taking several steps to follow up on this issue, both to make sure that this particular problem doesn't resurface, and to improve our team's ability to handle outages in general:
Our commitment to you is that we can and will do better, and that we will continue to improve so that we can serve you better in the future. My sincere hope is we’ll regain the trust we lost on the 8th by showing you that we deliver on our commitments.
If you have any additional concerns or questions, don’t hesitate to reach out to us through firstname.lastname@example.org.
Director of Engineering