There are a number of other providers (such as StartSSL) that are widely trusted, but are NOT included in the JDK/JRE default trust store, so any java based client will not trust the certificates out of the box. Do you know if the CA you’ll be cross signing with is included in the java default trus…

Will the cross root cover trust by the default list in the JDK/JRE?

Firefishy July 20, 2016, 12:25pm 52

Letsencrypt certificates are confirmed working with Oracle JDK >= 8u101 (release)

Topic		Replies	Views
Helloworld.letsencrypt.org can only find certificate with DST X3 loaded Server	19	9543	June 12, 2016
Certificate upgrade Java Tomcat (and Apache) Server	16	2883	May 13, 2019
DST Root CA X3 based cert no longer accepted by Java 8u144 Help	18	1973	March 25, 2021
Which browsers and operating systems support Let's Encrypt Server	70	210337	November 19, 2020
CN=DST Root CA X3, O=Digital Signature Trust Co. and serial number 4001 7721 37D4 E942 B8EE 76AA 3C64 0AB7 is not a trusted certificate Help	33	8129	November 19, 2021