Question: Let’s Encrypt Intermediate Certificate Rotation

Shubhendu · November 7, 2025, 3:17pm

Hi everyone,

We’re pinning Let’s Encrypt’s intermediate certificate in our applications, and we want to make sure we’re ready when it gets rotated so we don’t run into any downtime.

A couple of things we’re hoping to clarify:

Is there a published schedule for intermediate certificate rotations?
What’s the best way to get notified ahead of time when a rotation is coming?

Basically, we want to make sure we can update pinned certificates in time without affecting our apps. Any advice, tips, or pointers to relevant docs would be super helpful.

Thanks a lot!

aarongable · November 7, 2025, 3:21pm

Do not pin Let's Encrypt intermediates. If you must pin something, either pin the roots (like any other trust store) or pin your end-entity certificates (over which you have full control).

There is not.

Watch the API Announcements category here on the forum, but even that is not a guarantee: we may rotate intermediates at any time with no warning.

Osiris · November 7, 2025, 3:24pm

Why?

system · December 7, 2025, 3:25pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Notification of New Intermediate CAs Client dev	6	174	February 8, 2026
Certificate pinning and Let's Encrypt Help	7	2648	February 4, 2021
Switching issuance to new intermediates API Announcements	3	2623	August 20, 2025
Issue from multiple intermediates during a scheduled transition period? Issuance Policy	29	2380	February 11, 2021
New Intermediate Certificate Timeline Issuance Tech	6	2329	May 12, 2024

Question: Let’s Encrypt Intermediate Certificate Rotation

Related topics