When did letsencrypt start to distribute the DST signed intermediate CA, instead of the IdenTRust cross signed one?( false alarm)

@cpu @schoen

Hi all,

I just noticed that the intermediate CA cert is DST root signed now.
When did you stop distributing the previous IdenTrust crossing signed CA cert ?

Never mind. false alarm.


IdenTrust == DST Root CA X3.

From https://letsencrypt.org/certificates/ ,

Specifically, IdenTrust has cross-signed our intermediate using their DST Root CA X3.


Thanks. my eyes were broken.

1 Like

Haha. It happens! :slight_smile: No harm done.

1 Like

hmm, Is there a timeline for you guys to start to use your own intemediate CA cert ?

Nothing concrete that Iā€™m aware of.

1 Like

Maybe we should make a tool that can process a list of user-agents and estimate what fraction of them would have accepted the ISRG root in their default vendor configuration.