It has come to our attention that we're currently including, by default, in our HTTPS redirector and DNSimple app certificate installer, an intermediate SSL certificate for Let's Encrypt that will expire on September 30, 2021.
In this post, we'll explain the actions we're taking to address this, and caveats to be aware of regarding the intermediate certificate provided by Let's Encrypt as a replacement.
Let's Encrypt adopts a common architecture for a certification authority based on root and intermediate certificates. The certificate authority owns one (or more) root certificates that are embedded root stores in the various browsers and operating systems. These certificates are not used directly for signining server certificates, to minimize security risks. Instead, these certificates are used to sign intermediate certificates that are used to sign server certificates. This approach helps segregate root certificates in highly secure offline facilities, removing the need from using them for live signing – a process that inheritely increases the risk of the certificate being compromised. Root certificates are highly valuable and very complicated to revoke/replace compared to intermediate certificates.
Since their inception, Let's Encrypt has adopted cross-signed root and intermediate certificates. This approach allowed Let's Encrypt to issue trusted certificates from the beginning using another certificate authority root (IdenTrust), while working to get their root certificates accepted by the various root stores.
On November 6, 2020, Let's Encrypt announced their intention to switch away from cross-signing to rely solely on their own root certificates. They altered the plan soon after when they realized some incompatibilities with certain older devices – in particular Android devices.
In a follow-up announcement on 21 December 2020, they announced their revised plan for Android Compatibility. This plan included the use of additional cross-signing on their root certificates, and they postponed the transition from the cross-signed R3 intermediate to their own R3 intermediate.
The transition was completed on May 2021. At this time, Let's Encrypt switched their default intermediate chain from using the certificate R3 (Cross-signed by IdenTrust) to the certificate R3 (Signed by ISRG Root X1).
This is the current Let's Encrypt Hierarchy as of August 2021.
The former certificate R3 (Cross-signed by IdenTrust) has since officially been flagged as retired by Let's Encrypt. At DNSimple, we continued to include this certificate in the default intermediate chain we serve from the HTTPS redirector and our DNSimple app certificate installer.
We planned to verify and switch the chain in the upcoming weeks, but it has taken longer than expected. Unfortunately, the retired certificate will expire in four days, on 30 September 2021. For this reason, we're now taking immediate action as described below.
As of 28 September 2021 10:00 UTC, the HTTPS redirector has been updated to use the new R3 certificate.
As of 28 September 2021 10:00 UTC, the certificate installation wizard you can access from the dowload certificate page in the DNSimple app has updated to use the new R3 certificate.
If you're using Let's Encrypt certificates generated via DNSimple in our HTTPS redirector, you don't need to make any changes. Effective immediately, new HTTPS handshakes will use the non-expiring certificate.
If you're using Let's Encrypt certificates generated via DNSimple in your site, make sure to promptly replace the intermediate chain to use the non-expired intermediate certificate, as outlined below.
As explained in the DST Root CA X3 Expiration (September 2021) page, there are some caveats when switching to this new chain.
On September 30 2021, there will be a small change in how older browsers and devices trust Let's Encrypt certificates. If you run a typical website, you won't notice a difference - the vast majority of your visitors will still accept your Let’s Encrypt certificate. If you provide an API or have to support IoT devices, you might have to pay a little more attention to the change.
If you actively use a Let's Encrypt certificate for one of those two use cases (API provider and/or IoT devices), we strongly encourage reading the article above and following the Let's Encrypt recommendations to be prepared for the switch.
At DNSimple, we support two different certificate authorities: Let's Encrypt and Sectigo.
The last intermediate/root certificate change involving Sectigo resulted in more issues than expected. For this reason, we've taken additional steps to proactively notify all customers with an active Let's Encrypt certificate.
We're also rolling out some changes to automate the process of switching Let's Encrypt intermediate chain using the default bundle provided by Let's Encrypt ACME protocol. We've been hesitant to implement this automation to avoid altering the chain without proper vetting and notification. However, this approach will better mimic the ACME protocol experience and result in a better user experience for our customers.
If you have any questions, please contact support – we're always here to help.
Italian software developer, a PADI scuba instructor and a former professional sommelier. I make awesome code and troll Anthony for fun and profit.
DNSimple is moving our DNSSEC out of beta and into general availability.
Configure DNSimple as your secondary DNS provider to improve your domain's availability and redundancy with AXFR zone transfers.