I am using Let’s Encrypt on my server to issue certificates and auto renew them every 3 months.
I am using IOT devices that have the intermediary certificate Let’s Encrypt uses ( Let’s Encrypt Authority X3) embedded in the firmware so I can validate I am talking to my server.
This intermediary certificate appears to be valid until 2021.
I am wondering if there is any way for me to know when my server certificates will become signed by a new intermediary so I can push a firmware update? Will this intermediary keep signing my certificates? Up until when?
Maybe there is no way to know, in which case is there a better way to do what I’m doing? I didn’t really want to be my own CA and self sign just the endpoint the devices connect to.
Amazon’s IOT platform uses a CA certificate that is valid until 2049, but I don’t use their services.