When you request a certificate with ACME, our servers provide your ACME client with a recommended certificate chain to go with it. For subscribers who are using ECDSA and who have joined the production allow list, that recommended certificate chain looks like this:
end-entity certificate <-- E1 <-- ISRG Root X2 <-- ISRG Root X1
As we said in the past:
Happily, Root X2 has made significant progress into trust stores. Soon, our servers will begin providing an alternate certificate chain for ECDSA certificates issued to accounts which have opted-in to an ECDSA certificate path via the production allow list. The alternative chain will terminate at Root X2 as the trust anchor:
end-entity certificate <-- E1 <-- ISRG Root X2
This will allow clients which receive certificates issued by E1 to select the shortest, ECDSA-only, lowest-compatibility chain if they want to. They will still get the chain which includes the X2-cross-signed-by-X1 certificate by default.
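How a client might choose between the default and the alternate chain, as an added example (not Let's Encrypt's or any ACME client's own code): it reads the `Link: rel="alternate"` headers that RFC 8555 defines for the certificate download and picks the chain whose last certificate was issued by the preferred root, falling back to the default. The URLs, the `fetch` callback and the (subject, issuer) tuples are constructed stand-ins for real HTTP responses and parsed PEM.

```python
import re

# Constructed sample data. Each chain is leaf-first (subject CN, issuer CN) pairs,
# mirroring the two chains described above. The URLs are placeholders.
DEFAULT_URL = "https://acme.example/cert/abc"
LINK_HEADERS = [
    '<https://acme.example/directory>;rel="index"',
    '<https://acme.example/cert/abc/1>;rel="alternate"',
]
CHAINS = {
    "https://acme.example/cert/abc": [
        ("example.com", "E1"),
        ("E1", "ISRG Root X2"),
        ("ISRG Root X2", "ISRG Root X1"),   # X2 cross-signed by X1
    ],
    "https://acme.example/cert/abc/1": [
        ("example.com", "E1"),
        ("E1", "ISRG Root X2"),
    ],
}

def alternate_urls(link_headers):
    """Return the targets of every Link header entry with rel="alternate"."""
    urls = []
    for header in link_headers:
        for m in re.finditer(r'<([^>]+)>\s*;\s*rel="?([^";,]+)"?', header):
            if m.group(2).strip().lower() == "alternate":
                urls.append(m.group(1))
    return urls

def trust_anchor(chain):
    """The issuer of the last certificate sent is the root the chain ends at."""
    return chain[-1][1]

def select_chain(default_url, link_headers, fetch, preferred_root):
    """Pick the first offered chain anchored at preferred_root, else the default."""
    for url in [default_url] + alternate_urls(link_headers):
        chain = fetch(url)
        if trust_anchor(chain) == preferred_root:
            return url, chain
    # No offered chain matches: keep the server's recommended chain.
    return default_url, fetch(default_url)

if __name__ == "__main__":
    url, chain = select_chain(DEFAULT_URL, LINK_HEADERS, CHAINS.__getitem__, "ISRG Root X2")
    print(url, [subject for subject, _ in chain])
```

Serving the chain selected this way only works for relying parties that already have ISRG Root X2 in their trust store, which is why the default remains the chain that includes the cross-sign.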
Our planned date for this change to production is Wednesday, 9 August 2023.
Today we're updating our Staging environment to offer the alternate chain anchored at the staging (STAGING) Bogus Broccoli X2, to assist with testing this change.