2026.05.08 Gen Y Cross-Certified Subordinate CAs missing serverAuth EKU

Let's Encrypt's Gen Y (YE and YR, bulleted below) Cross-Certified Subordinate CAs were issued in violation of CCADB policy, which requires that the serverAuth EKU extension MUST be present in cross-signed intermediate certificates issued since June 15th 2025. Roots YE and YR were issued September 3rd 2025 and are subject to the requirements.

- https://letsencrypt.org/certs/gen-y/root-ye-by-x2.txt
- https://letsencrypt.org/certs/gen-y/root-yr-by-x1.txt

We temporarily disabled certificate issuance, deployed a configuration change to prevent future issuance from the cross-signed Gen Y hierarchy, and then re-enabled issuance. Certificate revocation and CRL generation remain functional for Gen Y certificates.

We have posted our preliminary incident report to Bugzilla at 2038351 - Let's Encrypt: Gen Y Cross-Certified Subordinate CAs missing serverAuth EKU.


We have identified that our cross-certified subordinate CAs are missing Extended Key Usage (EKU) fields which are now required.

We are revoking and reissuing our cross-signs of X2/YR by X1, and YE by X2.

This will not affect most Let’s Encrypt subscribers. We will not be revoking the end-entity certificates, as they are still compliant. However, any certificates issued from our roots YE and YR may not chain successfully to our previous roots X1 and X2 without an updated cross-signed intermediate in their chain.

If you have a certificate issued by the “tlsserver” or “shortlived” ACME profiles, we recommend renewing them. Our ACME Renewal Information API is signalling affected certificates to renew now.

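The two posts above describe two separate things a practitioner may want to check for themselves: whether a cross-signed CA certificate issued after the June 15th 2025 cutoff actually carries the serverAuth EKU, and why a leaf issued under a newer root only chains to an older root when the cross-sign is present in the served chain. The following Go program is an added example written for this thread, not Let's Encrypt code and not their real certificates: it builds a toy hierarchy ("Toy Root X", "Toy Root Y", a cross-sign of Y by X, and a leaf for the made-up name example.test), lints the cross-sign for the EKU, and verifies the leaf against a trust store holding only the old root, with and without the cross-sign supplied as an intermediate. The cutoff date and the September 3rd 2025 issuance date are taken from the first post; the key sizes, names and validity periods are assumptions.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// Cutoff stated in the thread: cross-signed intermediates issued on or after this
// date must carry id-kp-serverAuth.
var ekuCutoff = time.Date(2025, time.June, 15, 0, 0, 0, 0, time.UTC)

// LintCrossSignEKU returns a finding when a CA certificate issued on or after the
// cutoff has no serverAuth EKU; non-CA certs and older CA certs yield "".
func LintCrossSignEKU(c *x509.Certificate) string {
	if !c.IsCA || c.NotBefore.Before(ekuCutoff) {
		return ""
	}
	for _, eku := range c.ExtKeyUsage {
		if eku == x509.ExtKeyUsageServerAuth {
			return ""
		}
	}
	return fmt.Sprintf("%s: CA cert issued %s lacks serverAuth EKU",
		c.Subject.CommonName, c.NotBefore.Format("2006-01-02"))
}

func mustKey() *ecdsa.PrivateKey {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // toy key, assumption
	if err != nil {
		panic(err)
	}
	return k
}

func mustCert(tmpl, parent *x509.Certificate, pub interface{}, signer *ecdsa.PrivateKey) *x509.Certificate {
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer)
	if err != nil {
		panic(err)
	}
	c, err := x509.ParseCertificate(der)
	if err != nil {
		panic(err)
	}
	return c
}

// Hierarchy mirrors the shape in the thread: an old root, a new root, the new root's
// key cross-signed by the old root, and a leaf issued by the new root.
type Hierarchy struct {
	OldRoot, NewRoot, CrossSign, Leaf *x509.Certificate
}

// BuildHierarchy constructs the toy hierarchy; withEKU controls whether the
// cross-sign carries serverAuth. All names and dates here are made up except the
// September 3rd 2025 issuance date from the first post.
func BuildHierarchy(withEKU bool) Hierarchy {
	xKey, yKey, leafKey := mustKey(), mustKey(), mustKey()
	issued := time.Date(2025, time.September, 3, 0, 0, 0, 0, time.UTC)
	serial := int64(0)
	caTmpl := func(cn string) *x509.Certificate {
		serial++
		return &x509.Certificate{
			SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: cn},
			NotBefore: issued, NotAfter: issued.AddDate(5, 0, 0),
			IsCA: true, BasicConstraintsValid: true,
			KeyUsage: x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
		}
	}
	xTmpl := caTmpl("Toy Root X")
	oldRoot := mustCert(xTmpl, xTmpl, &xKey.PublicKey, xKey) // self-signed
	yTmpl := caTmpl("Toy Root Y")
	newRoot := mustCert(yTmpl, yTmpl, &yKey.PublicKey, yKey) // self-signed
	crossTmpl := caTmpl("Toy Root Y")                       // same subject and key as Y
	if withEKU {
		crossTmpl.ExtKeyUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}
	}
	crossSign := mustCert(crossTmpl, oldRoot, &yKey.PublicKey, xKey) // Y signed by X
	leafTmpl := &x509.Certificate{
		SerialNumber: big.NewInt(100), Subject: pkix.Name{CommonName: "example.test"},
		DNSNames: []string{"example.test"},
		NotBefore: issued, NotAfter: issued.AddDate(0, 0, 90),
		KeyUsage:    x509.KeyUsageDigitalSignature,
		ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	leaf := mustCert(leafTmpl, newRoot, &leafKey.PublicKey, yKey)
	return Hierarchy{oldRoot, newRoot, crossSign, leaf}
}

// ChainsToOldRoot reports whether the leaf verifies against a store holding only the
// old root, optionally with the cross-sign offered as an intermediate.
func ChainsToOldRoot(h Hierarchy, includeCrossSign bool) bool {
	roots, inters := x509.NewCertPool(), x509.NewCertPool()
	roots.AddCert(h.OldRoot)
	if includeCrossSign {
		inters.AddCert(h.CrossSign)
	}
	_, err := h.Leaf.Verify(x509.VerifyOptions{
		DNSName: "example.test", Roots: roots, Intermediates: inters,
		CurrentTime: h.Leaf.NotBefore.Add(24 * time.Hour),
		KeyUsages:   []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	})
	return err == nil
}

func main() {
	for _, withEKU := range []bool{false, true} {
		h := BuildHierarchy(withEKU)
		fmt.Printf("cross-sign EKU=%v lint=%q chainsWithCross=%v chainsWithout=%v\n",
			withEKU, LintCrossSignEKU(h.CrossSign), ChainsToOldRoot(h, true), ChainsToOldRoot(h, false))
	}
}
```

Note the caveat the output makes visible: Go's verifier treats a CA certificate with no EKU extension as unrestricted, so the leaf chains to the old root via the cross-sign whether or not the EKU is present. The lint, not path validation, is what flags the policy violation described in the thread; and without the cross-sign in the served chain the leaf fails to verify against the old root at all, which is the situation the second post warns about.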

The full report has been posted. You can read it here: https://bugzilla.mozilla.org/show_bug.cgi?id=2038351#c12
