New cert from E1 with self-signed X2

I have been using E1 certificates for a while, and recently I found that X2 self-signed certificates have been accepted by all major browsers (Apple / MS / Mozilla / Chrome), but the trust chain of the new certificates I issued through acme.sh is still the cross-signed one.

When can self-signed X2 be used instead of cross-signed X2? I hope to use a pure ECDSA certificate as soon as possible.

1 Like

This would be possible to do via your ACME client (with --preferred-chain) if Let's Encrypt were offering a shorter alternate chain for the ECDSA hierarchy.

However, I don't think they are offering that right now. I checked my server where I am using E1 with Certbot, and the HTTP responses in the logs show that they're not advertising an alternative chain yet.

I guess your other choice would be to get acme.sh to call a deploy hook which would copy your certificate chain, cut out the last certificate (the cross-signed X2) so that it would just be your leaf certificate + E1 left over, and then use that in your server.

I don't think that Let's Encrypt have given any indication about how soon they will be transitioning ECDSA certificates to E1.

6 Likes

I tried to modify fullchain.cer, but it doesn't seem to work. From what I understand, there are actually two completely different certificates, but both are called X2.

1 Like

If you know all your clients already have Root X2 in their trust store, you can just remove the last certificate from fullchain.pem. You don't include the self-signed X2 because your clients would already have it (just like you don't include the self-signed X1 in the current chain).

As said above, you would need to have a deploy hook that automatically cuts that last certificate out, and then subscribe to the API Announcements category so that you'd know if the chain was ever changing. I tend to doubt that it's worth doing so in most scenarios, but you certainly could.

5 Likes
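The deploy-hook idea from the two replies above (drop the last certificate so only leaf + E1 remain), written out as an added example. This is not code from the thread, from acme.sh or from Let's Encrypt; it assumes a PEM bundle where the cross-signed X2 is the final block, and the file names are placeholders.

```shell
#!/bin/sh
# Added example: strip the trailing certificate (the cross-signed X2) from a
# fullchain bundle so the served chain is leaf + E1 only. Clients that already
# trust Root X2 validate exactly as before; everyone else would now fail, so
# only deploy this once you know your client population.

# Count CERTIFICATE blocks in a PEM bundle (prints 0 for an empty/non-PEM file).
count_certs() {
    grep -c '^-----BEGIN CERTIFICATE-----' "$1" || true
}

# Write $1 minus its final certificate block to $2.
# Refuses to run on a bundle with fewer than two certificates, so a bare leaf
# is never truncated to an empty file by a misconfigured hook.
strip_last_cert() {
    in="$1"; out="$2"
    n=$(count_certs "$in")
    if [ "$n" -lt 2 ]; then
        echo "strip_last_cert: $in has $n certificate(s); nothing to strip" >&2
        return 1
    fi
    # Keep blocks 1..n-1; awk increments blk at every BEGIN line and prints
    # only while we are inside a block we intend to keep.
    awk -v keep="$((n - 1))" '
        /^-----BEGIN CERTIFICATE-----/ { blk++ }
        blk <= keep { print }
    ' "$in" > "$out"
}

# Placeholder usage (paths are assumptions, not acme.sh's real layout):
#   strip_last_cert /path/to/fullchain.cer /path/to/chain-no-x2.cer
# then point the server at chain-no-x2.cer and reload it.
```

Wire `strip_last_cert` into whatever acme.sh runs after renewal (for example the `--reloadcmd` command, before the actual reload), since every renewal rewrites fullchain.cer and, as noted in the thread, the server must be reloaded afterwards for the shorter chain to take effect.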

Yes, there are 2 X2 certificates: one is self-signed and the other one is cross-signed.

6 Likes

Please make certain that whatever is using fullchain.cer gets reloaded after you make the change.

5 Likes

Sorry, my fault, I thought the X2 went into the chrome truststore, but it hasn't

3 Likes

Can you elaborate on the process to find available --preferred-chain options? What exactly did you look for in the logs?

If your clients trust X2, you already have a pure ECDSA chain; the validator will stop at X2, which it knows, thus ignoring the RSA cross-signature from X1. Dropping that cross-sig from your chain will not change validation for those clients; it will only reduce the number of bits your server is sending in the SSL handshake.

5 Likes
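On the question of what to look for in the client logs: RFC 8555 (section 7.4.2) has the CA advertise alternate chains as `Link: <url>;rel="alternate"` headers on the certificate download response, and that is what `--preferred-chain` selects from. The following added example (not from the thread, Certbot or acme.sh) extracts those URLs from captured response headers; the header text and URLs below are constructed placeholders.

```shell
#!/bin/sh
# Added example: list alternate-chain URLs from ACME certificate-download
# response headers. Empty output means the CA offers no alternate chain, which
# matches what the reply above reported for the E1 hierarchy.

# Constructed sample: a response that advertises two alternates.
SAMPLE_HEADERS='HTTP/2 200
content-type: application/pem-certificate-chain
link: <https://acme.example/directory>;rel="index"
link: <https://acme.example/acme/cert/PLACEHOLDER/1>;rel="alternate"
link: <https://acme.example/acme/cert/PLACEHOLDER/2>;rel="alternate"
'

# Constructed sample: a response with only the mandatory index link.
NO_ALT_HEADERS='HTTP/2 200
content-type: application/pem-certificate-chain
link: <https://acme.example/directory>;rel="index"
'

# Print one alternate-chain URL per line. Header names are case-insensitive,
# so match with -i; only the URL between < and > is kept.
alternate_chain_urls() {
    printf '%s\n' "$1" \
      | grep -i '^link:' \
      | grep -i 'rel="alternate"' \
      | sed -n 's/^[Ll][Ii][Nn][Kk]:[[:space:]]*<\([^>]*\)>.*$/\1/p'
}

# Number of alternate chains offered (0 when none).
count_alternates() {
    alternate_chain_urls "$1" | wc -l | tr -d ' '
}
```

The download is a POST-as-GET that must be signed with the account key, so in practice you read these headers from the client's debug output (Certbot's log file or acme.sh run with `--debug`) rather than fetching the URL by hand; if no `rel="alternate"` link appears there, `--preferred-chain` has nothing to choose from.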
