My SSL certificate has expired and when I renewed the certificate, my CA Bundle and the certificate issuer changed, and my electronic devices that use my old CA Bundle to communicate with my service no longer provide communication with the newly generated certificate. Is there any way for my old CA Bundle to be able to communicate with this new certificate? Or can I generate a new certificate that communicates with my old CA Bundle?
1 Like
Welcome to the Let's Encrypt Community! 
Let's Encrypt recently retired several intermediate certificates and began issuance from several new intermediate certificates. Your devices should trust Let's Encrypt's root certificates (ISRG Root X1 and ISRG Root X2), not their intermediate certificates, which can rotate out of usage at any time.
6 Likes
There is also the possible issue of cert type [RSA / ECDSA].
Without a domain name, we can only guess at what is going wrong.
6 Likes
I don't see any ECDSA certs having been issued.
So, the problem is likely related to the new intermediate certs.
This type of problem is quite unexpected and may point to highly unrecommended use of intermediate certs.
4 Likes
Thank you very much for your help. I believe I will be able to resolve the issue and make changes so that this does not happen again.
3 Likes
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.