We have just published a blog post detailing our plans to handle the expiration of our ISRG Root X1 cross-sign from IdenTrust’s DST Root CA X3.
The summary is:
On 2024-02-08, we will stop providing the long chain by default, but clients can still be configured to request it.
On 2024-06-06, we will stop providing the long chain at all.
On 2024-09-30, the cross-sign will expire, and any websites still serving it in their TLS handshakes may run into difficulties.
No action on your part is needed. You have the option of doing some manual configuration of your ACME client to gain six extra months of compatibility for older Android devices visiting your sites. If you have any questions, please direct them to this thread.
Some of you mayhavenoticed that, from Thursday, Nov 9, 17:30 UTC to Monday, Nov 13, 20:45 UTC, we were providing the short chain by default for certificates issued from R3. This was an accidental misconfiguration, and has been reverted.
However, the change observed over the past few days is identical to the change that we will be making on February 8, as announced above. If this change caused issues for your client, please prepare now for the upcoming changes. The blog post linked above has details on how.
Reminder that the short chain will become the default, and the compatibility chain will be moved to be an alternate, in approximately three weeks. See the above announcements for details.
Reminder: on Thursday of this week, the /acme/certificates API endpoint will begin serving the short chain (rooted at our own self-signed ISRG Root X1) by default, and only offering the long chain (rooted at DST Root CA X3) as an alternate. If your ACME client is configured to simply download and install the default chain provided by our API, then your visitors will begin seeing the short chain the next time your certificate is renewed.