On September 30, 2021, as planned the DST Root CA X3 cross-sign has expired
for the Let's Encrypt trust chain.  That was a normal and planned event. 
However coupled with a verification error in the code of libraries
authenticating certificates it caused some clients that have not been updated
to fixed versions to have problems validating certificates.

If you are experiencing invalid certificate chain problems with Let's Encrypt
certificates (not a Savannah problem) then please upgrade your client to the
latest security patches for your system.  Please reference these resources as
to upstream information and discussion about the issue.

* https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/
* https://community.letsencrypt.org/t/production-chain-changes/150739/4
* https://letsencrypt.org/docs/certificate-compatibility/
* https://letsencrypt.org/certificates/
* https://www.openssl.org/blog/blog/2021/09/13/LetsEncryptRootCertExpire/


_______________________________________________
  Message sent via Savannah
  https://savannah.nongnu.org/


Reply via email to