Savannah Administration - News
Certificate Expiration Event September 2021
Item posted by Bob Proulx <rwp> on Tue 05 Oct 2021 06:54:40 AM UTC.
On September 30, 2021, as planned the DST Root CA X3 cross-sign has expired for the Let's Encrypt trust chain. That was a normal and planned event. However coupled with a verification error in the code of libraries authenticating certificates it caused some clients that have not been updated to fixed versions to have problems validating certificates.
If you are experiencing invalid certificate chain problems with Let's Encrypt certificates (not a Savannah problem) then please upgrade your client to the latest security patches for your system. Please reference these resources as to upstream information and discussion about the issue.
- https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/
- https://community.letsencrypt.org/t/production-chain-changes/150739/4
- https://letsencrypt.org/docs/certificate-compatibility/
- https://letsencrypt.org/certificates/
- https://www.openssl.org/blog/blog/2021/09/13/LetsEncryptRootCertExpire/
Powered by Savane 3.14-8eb0.
Corresponding source code