Great list, MrTux, thank you! Do you plan on keeping it up to date?
If the today maintenance went well, this should work now.
Thanks for maintaining this list @mrtux! I think the Windows XP SP3 section should now say:
3 Likes
3 posts were split to a new topic: Problem editing already posted topic
due to the fact that intermediates use the same keys, couldnt people just replace the intermediates?
Unfortunately, no. The end-entity certificates contain an Issuer field which has to match the Subject field of the issuer cert. Because we changed Subject fields (intentionally, to avoid path-building issues), serving an end-entity cert from before March 25 (i.e., one with Issuer: Let's Encrypt Authority X1) and providing a chain that includes Let's Encrypt Authority X3 instead is incorrect and won't make XP support work.
1 Like
okay. that’s annoying stuff.
There’s probably no way to instruct Boulder to sign the CSR with the X1 intermediate? Perhaps because of only one active HSM?
Ok, but why? Most other CAs rely on the X509v3 Authority Key Identifier (that also the reason why all other CAs could easily just release new intermediates which are signed by SHA256 w/o resigning all end certificates).
1 Like
The key role here is the clients, which do the verification of certificate chains. This is also describe in RFC5280.
It would have been possible for us to issue a new intermediate with the same Subject, but without the nameConstraints extension. However, this would have run into nasty path building problems, where operating systems can choose arbitrarily which certificate to use if both are cached. This is a particularly bad type of deployment problem, because it leads to "works for me" on clean machines, but will fail for people on other machines, based solely on the history of other sites they've visited.
Note that we don't expect most people to reissue their certificates early. If you've been getting along fine without XP support so far, there's no need to switch. But hopefully this will allow some sites that require XP support to deploy HTTPS.
That's correct. We're deprecating the X1 intermediate in favor of X3. This isn't based on the number of HSMs (one HSM can have multiple keys active), but is based on maintaining operational simplicity.
1 Like
Looks like the latest LE certificates I created today are not trusted by Firefox.
Is it becauses it is now using the X3 intermediate? The old certs with X1 seems to be fine.
Have you included the X3 intermediate cert in your config ? ( not the X1 intermediate)
Yes, X3 is there but still not trusted by firefox 45.0.1
Bag Attributes
localKeyID: E2 43 99 C5 23 2A 7B 66 C8 C2 9F 79 89 83 71 CA C5 B2 63 AE
subject=/CN=(removed)
issuer=/C=US/O=Let’s Encrypt/CN=Let’s Encrypt Authority X3
-----BEGIN CERTIFICATE-----
XXX
-----END CERTIFICATE-----
Bag Attributes:
subject=/C=US/O=Let’s Encrypt/CN=Let’s Encrypt Authority X3
issuer=/O=Digital Signature Trust Co./CN=DST Root CA X3
-----BEGIN CERTIFICATE-----
XXX
-----END CERTIFICATE-----
Bag Attributes
localKeyID: E2 43 99 C5 23 2A 7B 66 C8 C2 9F 79 89 83 71 CA C5 B2 63 AE
Key Attributes:
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,C9E7EE848C4ED263
XXX
-----END RSA PRIVATE KEY-----
Please use SSL Labs on your domain to verify there are no certificate chain issues.
Intermediate certificates have no trust status of their own, they don’t have to be “in” a browser, they simply need to be served along with the site certificate and help build a trust path back to the root certificate.
There was no point censoring your domain there as the fingerprint can be used to look it up in the CT logs. Anyway it appears that the server is sending a cert for a completely different domain (issued by a different CA as well).
1 Like
For just checking cert validity and chain, you can also use www.sslshopper.com that only perform test on that and so is quicker than SSL Labs.
Thanks for the tips guys.
I think the problem lies with the conversion to a Java Keystore. I've sucessfuly done it just last week when the intermediate was X1 but now the cert chain is missing.
I can convert it to jks with the X3 intermediate but now the root is missing.
Any handy command line resources to convert the pfx to jks? So i can verify what is wrong? Thanks.
This problem is also discussed here How to use the certificate for Tomcat - #24 by vlott
For some weird reason, ended up having to create the cert chain again this way...
openssl pkcs12 -in certificate-all.pfx -out clientcert.pem -nodes -clcerts cat clientcert.pem lets-encrypt-x3-cross-signed.pem dst-root-ca-x3.pem >> clientcertchain.pem openssl pkcs12 -export -in clientcertchain.pem -out clientcertchain.pfx keytool -importkeystore -srckeystore clientcertchain.pfx -srcstoretype pkcs12 -destkeystore clientcertchain.jks -deststoretype JKS
There seems to be a problem with the PS4 Browser and let's encrypt: