New cert from E1 with self-signed X2

I have been using E1 certificates for a while, and recently I found that the X2 self-signed certificate has been accepted by all major browsers (Apple / MS / Mozilla / Chrome), but the trust chain of the new certificates I issued is still the cross-signed one.

When can the self-signed X2 be used instead of the cross-signed X2? I hope to use a pure ECDSA certificate as soon as possible.


This would be possible to do via your ACME client (with --preferred-chain) if Let's Encrypt were offering a shorter alternate chain for the ECDSA hierarchy.

However, I don't think they are offering that right now. I checked my server where I am using E1 with Certbot, and the HTTP responses in the logs show that they're not advertising an alternative chain yet.

I guess your other choice would be to set up a deploy hook which would copy your certificate chain, cut out the last certificate (the cross-signed X2) so that just your leaf certificate + E1 is left over, and then use that in your server.

I don't think that Let's Encrypt have given any indication about how soon they will be transitioning ECDSA certificates to E1.


I tried to modify fullchain.cer but it doesn't seem to work. From what I understand, there are actually two completely different certificates, but both are called X2.


If you know all your clients already have Root X2 in their trust store, you can just remove the last certificate from fullchain.pem. You don't include the self-signed X2 because your clients would already have it (just like you don't include the self-signed X1 in the current chain).

As said above, you would need to have a deploy hook that automatically cuts that last certificate out, and then subscribe to the API Announcements category so that you'd know if the chain ever changed. I tend to doubt that it's worth doing in most scenarios, but you certainly could.
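The deploy hook described in the two replies above, as an added example (not code from the thread or from Let's Encrypt): it splits fullchain.pem into its PEM blocks, keeps everything except the last block (the cross-signed X2), and writes the result to a separate file so the original stays untouched. It assumes the chain is ordered leaf, E1, cross-signed X2 as the thread describes; the certificate blocks in the self-test are constructed placeholders, not real certificates, and the reload command at the end is an assumed example for nginx.

```shell
#!/bin/sh
# Added example: Certbot-style deploy hook that drops the last certificate
# (the cross-signed X2) from fullchain.pem. Not Let's Encrypt's own code.

# Count the PEM certificate blocks in a file.
count_certs() {
    grep -c '^-----BEGIN CERTIFICATE-----' "$1"
}

# Copy every certificate block except the last one from $1 into $2.
# Refuses to produce an empty chain if the input has fewer than two blocks.
trim_last_cert() {
    in="$1"; out="$2"
    total=$(count_certs "$in")
    if [ "$total" -lt 2 ]; then
        echo "trim_last_cert: expected at least 2 certificates in $in, found $total" >&2
        return 1
    fi
    awk -v keep="$((total - 1))" '
        /^-----BEGIN CERTIFICATE-----/ { n++ }   # n = index of the current block
        n <= keep { print }                       # drop the final block only
    ' "$in" > "$out"
}

# Write a constructed three-block chain (placeholder bodies, not real certs)
# so the script can be exercised without touching a live lineage.
make_sample_chain() {
    for name in LEAF INTERMEDIATE-E1 CROSSSIGNED-X2; do
        printf -- '-----BEGIN CERTIFICATE-----\n%s-PLACEHOLDER-BODY\n-----END CERTIFICATE-----\n' "$name"
    done > "$1"
}

# When run by Certbot as a deploy hook, RENEWED_LINEAGE points at the
# renewed lineage directory; otherwise run the self-test on sample data.
if [ -n "${RENEWED_LINEAGE:-}" ]; then
    trim_last_cert "$RENEWED_LINEAGE/fullchain.pem" "$RENEWED_LINEAGE/fullchain-trimmed.pem"
    # Assumed reload command; replace with whatever serves the chain.
    systemctl reload nginx
else
    tmp=$(mktemp -d)
    make_sample_chain "$tmp/fullchain.pem"
    trim_last_cert "$tmp/fullchain.pem" "$tmp/fullchain-trimmed.pem"
    echo "before: $(count_certs "$tmp/fullchain.pem") certs, after: $(count_certs "$tmp/fullchain-trimmed.pem") certs"
    rm -rf "$tmp"
fi
```

Point the server at fullchain-trimmed.pem rather than editing fullchain.pem in place, so a future change in the chain Let's Encrypt serves cannot leave you with a hand-edited file that the next renewal silently overwrites; the block count check is the cheap guard against trimming a chain that is already shorter than expected.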


Yes, there are 2 X2 certificates: one is self-signed and the other one is cross-signed.


Please make certain that whatever is using fullchain.cer gets reloaded after you make the change.


Sorry, my fault. I thought X2 went into the Chrome trust store, but it hasn't.


Can you elaborate on the process to find available --preferred-chain options? What exactly did you look for in the logs?

If your clients trust X2, you already have a pure ECDSA chain; the validator will stop at X2 which it knows, thus ignoring the RSA cross-signature from X1. Dropping that cross-sig from your chain will not change validation for those clients, it will only reduce the number of bits your server is sending in the SSL handshake.

