On May 26, 2025, at approximately 17:50 UTC, clients began experiencing errors when attempting to access various parts of the Lucidworks platform, including LWAI and Connected Search.
The incident was not immediately detected by our internal monitoring and alerting system. It was identified only after user reports and internal investigation, delaying the time to resolution.
A recent change to the TLS certificate configuration used by these services was reverted at 20:04 UTC, resolving the issue.
The Lucidworks Platform utilizes several domain name spaces (zones) to provide its services. Critically, the *.applications.lucidworks.com
zone houses addressable endpoints for all Applications powered by the Platform, including LWAI Applications and their associated Integrations (which are used by Managed Fusion for intra-Platform communication).
During a routine update intended to replace an expiring certificate for *.datasources.lucidworks.com
– an unrelated zone – the engineering team inadvertently deployed this certificate to several additional subdomains, including *.applications.lucidworks.com
.
Because the newly deployed certificate was only valid for *.datasources.lucidworks.com
, services such as *.applications.lucidworks.com
began serving an invalid certificate for their domain. This misalignment led to backend connection failures and disrupted user access to key parts of the Lucidworks Platform, including LWAI Applications and their associated Integrations, as well as Connected Search functionality.
Lucidworks Engineering corrected the issue by rolling back the incorrect certificate and redeploying the correct certificates to all affected subdomains.
Lucidworks will take the following actions as a result of this incident:
There are no recommended client actions as a result of this incident.