As we notified customers January 15, part of our overall initiative to enhance our product security includes revoking the digital certificate used to sign many of our software builds on March 8, 2021. We’ve obtained new digital code-signing certificates to sign new builds of our software, and to help users authenticate SolarWinds products. To be clear, this is not a new security incident, and is another part of our incident response.
There is no impact to the Pingdom product itself, but we have digitally re-signed the Web Transaction Recorder:
- If you installed the Web Transaction Recorder prior to January 27, 2021, you will need to upgrade by March 8, 2021.
- If you are not using the Web Transaction recorder, no action is needed.
Additional resources and what to expect next:
- A newly signed version of the Web Transaction Recorder with upgrade instructions is now available here.
- Instructions on how to tell what version of the recorder you have are here.
- For more information about why we are taking this step, please our SolarWinds New Digital Code-Signing Certificate page at solarwinds.com/trust-center/new-digital-certificate for more information about why we’re revoking our digital code-signing certificate and answers to common questions. We’ll update this page with the latest information.
While we recognize this change may require effort on your part, we believe this is the right action to help ensure both the integrity of our products and to retain the trust you have in us. To ensure the security and performance of your SolarWinds products, we recommend you update your software as soon as possible. We appreciate your partnership.