R3 Intermediate certificate has expired

ok, so it will not recreate the file with the problem certificate.

It actually will (if nothing changes), but by then we should have a (better) fix for this and likely the provided files' chain will look just like this one does now.
OR you money back! - LOL

1 Like

Anybody having problems connecting from a CLI?

1 Like

Yes, particularly git clones and linux stuff. Have a search through the forum but it'll be specific to your OS and whether it uses openssl etc (and what version).

Exactly, in our case, we're having problem with a POST to a self-hosted GitLab API

the same site:


1 Like

Thanks - that was exactly my problem. I used the cert.pem in my dovecot (imap) and smtp settings.
Switching to fullchain.pem solved it.


Hi, I’m not a web hoster or have much IT knowledge at all, just a user from another field who is having trouble accessing websites apparently due to this error (looked up letsencrypt and r3 after general troubleshooting didn’t work). I have two older Mac computers in my home and both are having problems accesing several sites (scielo.org, wikipedia.org, centraonline.cl and others that I could regularly use before yesterday) with both Safari and Chrome. I assume it’s due to the certificate as read here, but I’m also scared it could be a security problem. I can access the sites in incognito mode and advanced settings options, although it warns me that the connection is unsafe while I use them (citing ERR_CERT_DATE_INVALID, but the date and time settings in my system are correct). I would appreciate any guidance since I live in a pretty remote area and use my computers for work. Apparently it’s not a network problem, I can access those websites fine through my cellphone.

@feminatimida What's the version of your OS X? Also, I'm curious: does using incognito mode work without any other thing necessary to do? Such as overriding something? Does incognito "just work"?

1 Like

@Osiris One is a macbook pro retina from 2014 running on Yosemite version 10.10.5 (tried to update it but it took more than 72 hours and didn’t work) and the other is a macbook pro from 2012, running El Capitan 10.11.6. I can’t access any sites that use letsencrypt R3 without getting a security warning. With some of them, using incognito mode and/or ignoring the safety warning allows me to proceed to the site unsafely. Not ideal but I need to be able to access somehow.

1 Like

Two possible choices available today:

  • update to 10.12 or higher (however long that pain path might be)
  • use alternate software (like chrome/firefox/etc.)

Possible future choices...:

  • win lottery and buy a newer computer
  • drop off the Internet entirely and go on a spiritual journey through life
  • spend your time reading random thoughts on forums
  • laughing like nothing matters especially when it does
  • joining a open source coding clan and help rewrite software to be secure and easy to use

[sorry my time is up - next on the mic is...]


For older macOS, try:

  • downloading https://letsencrypt.org/certs/isrgrootx1.der
  • Open the Keychain Access app and dragging that file into the System folder of that app.
  • then find the ISRG Root X1 certificate in System and double click on it, open the Trust menu and change "Use System Defaults" to "Always Trust", then close that and enter your password to confirm the change (if prompted).

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.