Important Info if you suddenly have certificate errors today

Let’s Encrypts root certificate (DST Root CA X3) and the associated intermediate R3 certificate have expired today. These are replaced by the newer R3 intermediate and ISRG Root X1 root.

Certify The Web customers were sent an email about it a few days ago - information and troubleshooting information is here: Let's Encrypt DST Root CA X3 expiry Sept 30th 2021 | Certify The Web Docs

If you have updated Certify The Web to the latest version and rebooted, this should be enough to ensure you are serving a newer valid certificate chain if you are using IIS etc.

If you are using Apache or other servers you may need to check you are serving the correct chain (not just your primary certificate).

Please refer to the above linked troubleshooting document for more information.

1 Like