Is Let's encrypt certificate trusted by DigiCert?


#1

Sorry if this question might sound silly as from user point of view, and not deeply understand the underlying certificate technical detail.

In short, I’m doing business in China and using let’s encrypt for all my sites.

Today I got a public announcement from WeChat Merchant Payment platform along this line that its server will be updated with new certificate issued by DigiCert on 29 May 2018. It will only allow payment to go through only if your server have certificate that is issued by root CA certificate of DigiCert. Other than that the order will fail causing refunds or other failure cases.

Is Let’s encrypt certificate by any means trusted by DigiCert? If not, then is that the only option for me is to purchase DigiCert certificate for my sites? What is my options to tackle this situation?

Thank you!

Edit: Attached announcement as sent directly to the platform message

Edit 2: I got another notification message announcement from Tencent pay. They direct user to this link for detailed step by step on how to update certificate.


请问下:微信支付https服务器证书更换问题?
#2

您好,

请问可以提供一下该文档链接么?

谢谢

Hi,

Do you mind provide us with the document link?

Thank you


#3

Thank you please see my edit post.


#4

For english translated see here


#5

您好,

这条消息的意思是您需要在服务器端可以验证Digicert证书,不是说您的网站(SSL证书)需要从Digicert获取)

Hi,

The message means you’ll need to “verify the CA file” somehow. Not saying that your ssl certificate need to coming from Digicert

https://pay.weixin.qq.com/wiki/doc/api/tools/mch_pay.php?chapter=4_3


#6

You problably don’t have to do anything. The message (thanks @stevenzhu for translating) only states that the certificate of WeChat will be replaced. When you are using https sessions from your server to WeChat, just make sure that the Digicert Root is accepted by your client software - which will be true in most cases.

TL;DR: No need to replace your Let’s Encrypt certificates.


#7

Thank you! Sorry my mis-interpretation of the announcement.
So what I understand now is basically all certificates are from WeChat, not involve with mine.


#8

Thank you again! Clear now.


#9

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.