Adding Let’s Encrypt’s new root and intermediate certificates to Mozil…

Adding Let’s Encrypt’s new root and intermediate certificates to Mozilla applications

On September 30, 2021, Let’s Encrypt’s DST Root CA X3 cross-sign expired, leaving many web browsers to report that sites using Let’s Encrypt SSL certificates were “untrusted” or “unknown.”

Let’s Encrypt did, in fact, implement a new root and intermediate certificates some time ago, but after the built-in certificate stores in the Mozilla applications shipped with all versions of ArcaOS 5.0 to date (5.0 through 5.0.6) were configured. Thus, these new certificates were not included in those builds, and as a result, the new root certificate is indeed unknown.

The fix is relatively simple, and a rather common procedure for all browsers and email clients. To bring your Firefox, Thunderbird, and SeaMonkey certificate stores up to date, and learn how to do this for other new certificates as they become available, we’ve added a new wiki page, here.

Edited to add links to further information (off-site):

Let’s Encrypt – Chain of Trust
Let’s Encrypt – DST Root CA X3 Expiration (September 2021)

This entry last updated: October 2nd, 2021 by Lewis Rosenthal

This entry was posted in CommunityTips and tagged arcaosblue lioncertificatecomponentsfirefoxinfolets encryptmozillaseamonkeysecuritysoftwaresslthunderbirdtlsupdate on October 1, 2021 by Lewis Rosenthal.

Comments

Category
State
  • 현재 접속자 49 명
  • 오늘 방문자 416 명
  • 어제 방문자 574 명
  • 최대 방문자 4,250 명
  • 전체 방문자 1,359,161 명
  • 전체 게시물 2,617 개
  • 전체 댓글수 4,167 개
  • 전체 회원수 69 명

- 쇼핑몰 : Softbox
- 예전 문서 / Old docs
Facebook Twitter GooglePlus KakaoStory NaverBand