ISRG Root X1 untrusted since yesterday

Help
1

Hello,

since yesterday, my web server (Windows Server 2019) can't connect to websites using Let's encrypt, e.g. the Mollie API. Therefore, payments on my web applications don't work. I even can't open www.mollie.com or https://valid-isrgrootx1.letsencrypt.org/ on my web server in Chrome. On my development machines (Windows 11 workstation, MacBook Pro M3), everything runs fine.

When I open root authorities on the web server, I can see ISRG Root X1 noted as "The certificate has been revoked by its certification authority". Therefore I tried to remove it from the certificate store and re-downloaded it from Chains of Trust - Let's Encrypt (I used ISRG Root X1 > Certificate details (self-signed) -> .der). But even the newly downloaded certificate is stated as revoked by the certification authority.

Tried windows update, also automatic root certificates update is enabled in GPO.

What am I doing wrong, what can I do? It's very critical as my web projects don't work anymore since most partners rely on Let's Encrypt.

Thank in advance!

1 Like
2

I found the solution: ISRG Root X1 was also present in "untrusted root authorities". I have no idea how it came up there as of course I had never placed it there and it stopped working yesterday without any change. However, after deleting it from the untrusted roots and rebooting the server, everything is working again. :pray:

4 Likes
3

Welcome Back to the Let's Encrypt Community! :slightly_smiling_face:

Glad you got this resolved!

:partying_face:

4 Likes