The IdenTrust Root Certificate (DST Root CA X30) that was used to cross-sign the community-controlled Let's Encrypt CA Root Certificate (ISRG Root X17) will expire on September 01 at 3:1 AM ET. Cross-signing ensured that Let's Encrypt certificates were trusted on a wide range of devices, operating systems, and browsers while integrating Let's Encrypt's own root certificate into root certificate stores.
It was originally planned that after the deprecation of DST Root CA X3, the Let's Encrypt project would switch to generating signatures using only its root certificate, but such a move would lead to loss of compatibility with a large number of older systems that did not add the Let's Encrypt root certificate to their stores. In particular, approximately 30% of Android devices in use do not have information about the Let's Encrypt root certificate, support for which only appeared starting with Android 7.1.1, released at the end of 2016.
Let's Encrypt did not plan to enter into a new cross-signature agreement, as this imposes additional responsibility on the participants in the agreement, deprives them of their independence and ties their hands in terms of complying with all the procedures and rules of another certification center. But due to potential problems on a large number of Android devices, the plan was revised. A new agreement has been entered into with IdenTrust CA, which creates an alternative cross-signed Let's Encrypt intermediate certificate. The cross-signature will be valid for three years and will keep support for Android devices starting from version 2.3.6.
However, the new intermediate certificate does not cover many other legacy systems. For example, after the DST Root CA X3 certificate expires on September 30th, Let's Encrypt certificates will no longer be accepted on no longer supported firmwares and operating systems that require the manual addition of the ISRG Root X1 certificate to the root certificate store in order to trust Let's Encrypt certificates. Problems will appear in:
- OpenSSL up to and including the 1.0.2 branch (maintenance of the 1.0.2 branch was discontinued in December 2019);
- NSS <3.26;
- Java 8 <8u141, Java 7 <7u151;
- Windows <XP SP3;
- macOS <10.12.1;
- iOS <10 (iPhone <5);
- Android <2.3.6;
- Mozilla Firefox <50;
- Ubuntu <16.04;
- Debian <8.
In the case of OpenSSL 1.0.2, the problem is caused by a bug that prevents cross-signed certificates from being processed correctly if one of the root certificates involved in signing expires, even though other valid chains of trust are preserved. The problem first surfaced last year after the expiration of the AddTrust certificate used for cross-signature in the certificates of the Sectigo (Comodo) certification authority. The crux of the problem is that OpenSSL parsed the certificate as a linear chain, while according to RFC 4158, the certificate can represent a directed distributed circular graph with several trust anchors that need to be considered.
Users of older distributions based on OpenSSL 1.0.2 are offered three workarounds to solve the problem:
- Manually uninstall the IdenTrust DST Root CA X3 root certificate and install a standalone (not cross-signed) ISRG Root X1 root certificate.
- When running the openssl verify and s_client commands, you can specify the "--trusted_first" option.
- Use on the server a certificate certified by a stand-alone SRG Root X1 root certificate that does not have a cross-signature. This method will lead to loss of compatibility with older Android clients.
Additionally, let's Encrypt project has overcome the milestone of two billion generated certificates. The milestone of one billion was reached in February last year. 2.2-2.4 million new certificates are generated daily. The number of active certificates is 192 million (the certificate is valid for three months) and covers about 260 million domains (195 million domains were covered a year ago, 150 million two years ago, and 60 million three years ago). According to Firefox Telemetry statistics, the global share of HTTPS page requests is 82% (one year ago - 81%, two years ago - 77%, three years ago - 69%, four years ago - 58%).
Source: opennet.ru