Which browsers and operating systems support Let's Encrypt


that’s why I use firefox. they not only have their own certs but also NSS meaning the MS’problems are not my problems. -> TLS 1.2, AES and EC even on XP (well I dont use it but you get my point.)


Great list, MrTux, thank you! Do you plan on keeping it up to date?


If the today maintenance went well, this should work now.


@Gaia @Nit I’ll try to keep this up2date.


Thanks for maintaining this list @mrtux! I think the Windows XP SP3 section should now say:


3 posts were split to a new topic: Problem editing already posted topic


Problem editing already posted topic

due to the fact that intermediates use the same keys, couldnt people just replace the intermediates?


Unfortunately, no. The end-entity certificates contain an Issuer field which has to match the Subject field of the issuer cert. Because we changed Subject fields (intentionally, to avoid path-building issues), serving an end-entity cert from before March 25 (i.e., one with Issuer: Let’s Encrypt Authority X1) and providing a chain that includes Let’s Encrypt Authority X3 instead is incorrect and won’t make XP support work.


okay. that’s annoying stuff.


There’s probably no way to instruct Boulder to sign the CSR with the X1 intermediate? Perhaps because of only one active HSM?


Ok, but why? Most other CAs rely on the X509v3 Authority Key Identifier (that also the reason why all other CAs could easily just release new intermediates which are signed by SHA256 w/o resigning all end certificates).


The key role here is the clients, which do the verification of certificate chains. This is also describe in RFC5280.

It would have been possible for us to issue a new intermediate with the same Subject, but without the nameConstraints extension. However, this would have run into nasty path building problems, where operating systems can choose arbitrarily which certificate to use if both are cached. This is a particularly bad type of deployment problem, because it leads to “works for me” on clean machines, but will fail for people on other machines, based solely on the history of other sites they’ve visited.

Note that we don’t expect most people to reissue their certificates early. If you’ve been getting along fine without XP support so far, there’s no need to switch. But hopefully this will allow some sites that require XP support to deploy HTTPS.

That’s correct. We’re deprecating the X1 intermediate in favor of X3. This isn’t based on the number of HSMs (one HSM can have multiple keys active), but is based on maintaining operational simplicity.

Is it possible to renew a certificate using the X1 intermediate certificate?

Looks like the latest LE certificates I created today are not trusted by Firefox.
Is it becauses it is now using the X3 intermediate? The old certs with X1 seems to be fine.


Have you included the X3 intermediate cert in your config ? ( not the X1 intermediate)


Yes, X3 is there but still not trusted by firefox 45.0.1

Bag Attributes
localKeyID: E2 43 99 C5 23 2A 7B 66 C8 C2 9F 79 89 83 71 CA C5 B2 63 AE
issuer=/C=US/O=Let’s Encrypt/CN=Let’s Encrypt Authority X3
Bag Attributes:
subject=/C=US/O=Let’s Encrypt/CN=Let’s Encrypt Authority X3
issuer=/O=Digital Signature Trust Co./CN=DST Root CA X3
Bag Attributes
localKeyID: E2 43 99 C5 23 2A 7B 66 C8 C2 9F 79 89 83 71 CA C5 B2 63 AE
Key Attributes:
Proc-Type: 4,ENCRYPTED



Please use SSL Labs on your domain to verify there are no certificate chain issues.

Intermediate certificates have no trust status of their own, they don’t have to be “in” a browser, they simply need to be served along with the site certificate and help build a trust path back to the root certificate.


There was no point censoring your domain there as the fingerprint can be used to look it up in the CT logs. Anyway it appears that the server is sending a cert for a completely different domain (issued by a different CA as well).


For just checking cert validity and chain, you can also use www.sslshopper.com that only perform test on that and so is quicker than SSL Labs.


Thanks for the tips guys.
I think the problem lies with the conversion to a Java Keystore. I’ve sucessfuly done it just last week when the intermediate was X1 but now the cert chain is missing.

I can convert it to jks with the X3 intermediate but now the root is missing.

Any handy command line resources to convert the pfx to jks? So i can verify what is wrong? Thanks.

This problem is also discussed here How to use the certificate for Tomcat

For some weird reason, ended up having to create the cert chain again this way…

openssl pkcs12 -in certificate-all.pfx -out clientcert.pem -nodes -clcerts
cat clientcert.pem lets-encrypt-x3-cross-signed.pem dst-root-ca-x3.pem >> clientcertchain.pem
openssl pkcs12 -export -in clientcertchain.pem -out clientcertchain.pfx
keytool -importkeystore -srckeystore clientcertchain.pfx -srcstoretype pkcs12 -destkeystore clientcertchain.jks -deststoretype JKS