6/19/2023 0 Comments Xcode could not be downloaded![]() Users of older software can and probably should manually fix their computers to allow access to Let's Encrypt web sites by downloading the new ISRG Root X1 certificate and installing it in their certificate bundle. As a result, older operating systems and browsers (and other user agents that use networking facilities provided by the OS, such as MacPorts when it downloads files) can no longer verify the trust of sites encrypted using Let's Encrypt. On September 30, 2021, DST Root CA X3 expired. In the meantime, a version of the ISRG Root X1 certificate that has not been cross-signed by DST Root CA X3 has been included in modern browsers and operating systems. When the service got started in 2015, no web browser or operating system knew about it and would not have trusted these certificates, so they cross-signed the ISRG Root X1 certificate using DST Root CA X3, a trusted certificate authority already preinstalled in operating systems and browsers at that time. Certificates they issue are signed by the ISRG Root X1 certificate authority. Let's Encrypt is a popular free service that MacPorts and others use to obtain certificates to encrypt their web sites.
0 Comments
Leave a Reply. |