Complex indeed.
> The idea as I understand it is that browsers should
> see the ISRG Root X1 certificate, realize that it itself is already
> trusted by the OS or browser, and not even look at the next expired
> DST Root CA X3 certificate in the chain.
>
This doesn't work sometimes on some
The complexity of the problem…
> Begin forwarded message:
>
> From: raf
> Subject: Re: Let's Encrypt DST Root CA X3 Expiration
> Date: 2 October 2021 at 23:32:45 GMT-3
> To: macports-us...@lists.macports.org
>
> On Sat, Oct 02, 2021 at 04:14:05AM -0500, Ryan Schmidt
> wrote:
>
>>
Sorry for these problems still persist, we have a forst of servers and we still
could not replace all certs, I am discovering strange combinations of certs /OS
incompatibilities still myself.
Thank you for reporting Lars, and thank you for clarifications Jeff!
Adrian
> On 5 Oct 2021, at
Lars,
AG Projects' site uses Let's Encrypt for its certificate, and Let's Encrypt
expired an old intermediate one last Thursday. I suspect what you're
seeing is a result.
The certificates on the AG server are up to date. It's possible you may
need to remove the expired certificate from your